Trouble to obtain ip via external DHCP

  • 2
  • Question
  • Updated 5 months ago
Hi,

My network is in a vlan environment, each SSID,the ZS1200 and a ZF R500 is a different Vlan. Further, i have a Windows DHCP server 2008 Standard with a scope for each vlan/ssid.


DHCP . .       . . . |Switch core|. . . . . .       . . . . . . . |Switch Distr.|
Server                          |                                                     |
Vlan 50                         |                                                     |
                                     |                                                     |              SSID1/Vlan205
                                     |                                                 ZF R500    ))))))))))
                                     |                                                 Vlan232
                               ZD1200                                                              SSID2/Vlan206
                               Vlan202                                                             ))))))))))


The ZD1200 is configured with ip controller 192.168.202.x Vlan 202, SSID1 Vlan 205 y SSID2 Vlan 206.

SSID1 should give the 192.168.205.x segment via scope DHCP external server.
SSID2 should give the 192.168.206.x segment via scope DHCP external server.
The DHCP server is in the segment 192.168.5.x.

The switch Core is WS-C3750X-24T-S, conects the ZD1200 in a trunk port:

stack3750#sh run int Gi2/0/3
Building configuration...
Current configuration : 123 bytes
!
interface GigabitEthernet2/0/3
description WLC RUCKUS
switchport trunk encapsulation dot1q
switchport mode trunk
end

The switch Distr. is WS-C2960S-48FPS-L, this conect the ZF R500 in a trunk port:

sw2-Piso2-O#sh run int Gi1/0/9
Building configuration...
Current configuration : 142 bytes
!
interface GigabitEthernet1/0/9
description AP-RUCKUS
switchport trunk native vlan 232
switchport mode trunk
spanning-tree portfast
end

in this port the native vlan is the vlan 232 (vlan ZF R500).

Ip helper DHCP is enabled in both switches.

when a user connects to SSID1 o SSID2, the conection is sucess but the user is not getting ip from external DHCP server.

I tried to enabling DHCP relay and option 82 in ZD1200 ( the option 82 is enabled in server DHCP) but the users not yet obtain ip.

I'll be attentive to your comments.
Photo of Carlo Cañete

Carlo Cañete

  • 13 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 2
Photo of Dionis

Dionis, AlphaDog

  • 70 Posts
  • 36 Reply Likes

On the core switch, do you have a VI configured for each of those VLANs (205, 206)?  This would be the default gateway for those clients and IP helper should be configured within those virtual interfaces in order for DHCP discover packets to be re-directed to the DHCP server accordingly.

May want to provide the rest of the switch config and/or, have you tested the DHCP server to ensure that it is leasing IPs on those scopes?  A simple test could be connecting a PC directly to a switch port configured as access on vlans 205 and 206 and see if you get an IP, or creating a virtual interface on the access switch and set it to obtain an IP via DHCP.

Photo of Carlo Cañete

Carlo Cañete

  • 13 Posts
  • 0 Reply Likes
Hi Dionis,
The vlan 205 and 206 are configured in that switch core.
When the switchport is set in access mode vlan access 232 (vlan AP) and  conect mi pc in this port, i get ip, but when conect the ap en this port i'm not getting it.
Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 708 Posts
  • 150 Reply Likes
i read your above comment, can u pls check port security on that switch port?
Photo of Dionis

Dionis, AlphaDog

  • 70 Posts
  • 36 Reply Likes
Mind sending me the rest of the switch configuration? Feel free to remove some of the private information you may have, such as passwords if not encrypted and IPs of the management side of things
Photo of Carlo Cañete

Carlo Cañete

  • 13 Posts
  • 0 Reply Likes
Dionis,

Pls your idea about this.....

DHCP. . . . .  . . . |Switch core|. . . . . .       . . . . . . . |Switch Distr.|
Server                          |                                                     |
Vlan 50                         |                                                     |
                                     |                                                     |              SSID1/Vlan205
                                     |                                                 ZF R500    ))))))))))
                                     |                                                 Vlan232
                               ZD1200                                                              SSID2/Vlan206
                               Vlan202                                                             ))))))))))


This is the configuration in the 3 switches in the diagram.
Words in Black are importants in network.



########Config Switch Server#########

switchport range f0/1 - f0/46 setting:

 description xxxxxxxxxx
 switchport access vlan 50
 switchport mode access
 spanning-tree portfast
!

switchport range f0/47 - 48 setting:
description to-stack3750(Switch core)
switchport mode trunk
!
------------------------------
interface Vlan1 no ip address
 no ip route-cache
 shutdown
!
interface Vlan50 ip address 192.168.5.21 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.5.1
ip http server
snmp-server community nazgul RO 4

######### Switch Core ############

!spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree vlan 50 priority 4096

port-channel load-balance dst-mac!
vlan internal allocation policy ascending
!
vlan 30
 name Desarrollo
vlan 50
 name servidores
vlan 201 
vlan 202
 name W-adm
vlan 203
 name W-corp
vlan 204
 name W-visitas
vlan 205
 name W-moviles
vlan 206
 name W-mym2014
vlan 207
 name W-mymMovplanta
vlan 231,240 
vlan 241
 name Interred-Planta

-----------------------------------
interface Port-channel1 description Enlace-Prin-GTD
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 50
 switchport trunk allowed vlan 3,50
 switchport mode trunk
!
interface Port-channel2
 description to-dist.presidencia
 no switchport
 ip address 192.168.240.9 255.255.255.252
!
interface Port-channel3
 description to-dist.corporativo
 no switchport
 ip address 192.168.240.13 255.255.255.252
!
interface FastEthernet0
 no ip address
 no ip route-cache cef
 no ip route-cache
 no ip mroute-cache
 shutdown
!
interface GigabitEthernet1/0/1
 description Enlace-Prin-GTD
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 50
 switchport trunk allowed vlan 50
 switchport mode trunk
 speed 100
 duplex full
!
interface GigabitEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet2/0/1 description to-wlc-CISCO
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet2/0/3
 description WLC RUCKUS
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet2/0/10 
description to-SwServerProd
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet2/0/11
 description to-swServerDes
 switchport trunk encapsulation dot1q
 switchport mode trunk

!
interface Vlan50
 description Servidores Produccion
 ip address 192.168.1.15 255.255.255.0 secondary
 ip address 192.168.5.10 255.255.255.0
 ip helper-address 192.168.5.30
 ip helper-address 192.168.5.241
 no ip redirects
 standby 50 ip 192.168.5.1
 standby 50 ip 192.168.1.4 secondary
 standby 50 priority 150
 standby 50 preempt
!
interface Vlan202
 ip address 192.168.202.1 255.255.255.0
 ip helper-address 192.168.5.30
 ip helper-address 192.168.5.241
!
interface Vlan205
 ip address 192.168.205.1 255.255.255.0
 ip helper-address 192.168.5.30
!
interface Vlan206
 ip address 192.168.206.1 255.255.255.0
!
!interface Vlan207
 ip address 192.168.207.1 255.255.255.0
!
interface Vlan240
 bandwidth 10
 ip address 192.168.240.1 255.255.255.252
!
interface Vlan241
 ip address 192.168.240.5 255.255.255.252
!
!
router eigrp 10 network 192.168.1.0
 network 192.168.3.0
 network 192.168.5.0
 network 192.168.40.0
 network 192.168.201.0
 network 192.168.202.0
 network 192.168.203.0
 network 192.168.204.0
 network 192.168.205.0
 network 192.168.206.0
 network 192.168.207.0
 network 192.168.240.0 0.0.0.3
 network 192.168.240.4 0.0.0.3
 network 192.168.240.8 0.0.0.3
 network 192.168.240.12 0.0.0.3
 redistribute static

############Sw Dist ############

vlan internal allocation policy ascending
!
vlan 232 
name administracion
!
!
interface GigabitEthernet1/0/48
 description sw1-Piso2-O
 switchport mode trunk
 spanning-tree portfast
!
interface GigabitEthernet1/0/49
description AP RUCKUS
 description to-distribucion
 switchport mode trunk
!
interface Vlan232
 ip address 192.168.232.13 255.255.255.0
 ip helper-address 192.168.5.30
!
ip default-gateway 192.168.232.1
!
--------------------------------------------------------------

Being all for now, I await a reply...
Photo of Carlo Cañete

Carlo Cañete

  • 13 Posts
  • 0 Reply Likes
Dionis,
Attached a picture with the diagram with the relevant configurations.

Item in red are Ruckus devices.

Being all for now, I await a reply..
Photo of Dionis

Dionis, AlphaDog

  • 70 Posts
  • 36 Reply Likes

Carlo, can you try the following please?  I want to know if it helps at all. Can you configure the AP to bridge the VLAN instead of tunneling it to the controller?  By this I mean that instead of having the AP create a tunnel to the controller, send the VLAN of the WLAN (VLAN 205) to the switch directly in a local break out mode and pass it along to your core switch.  You may also want to enable dot1q encapsulation on the AP port and controller port and enable native VLAN for the management VLAN of the AP (if doing local break out) and controller.


Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 776 Posts
  • 163 Reply Likes
Carlo,

I have series of questions for you to answer:

Is this a issue impacting all the users connection to SSID's or some specific ones?
in the current configuration, what happens if you connect a laptop wired to the switch port on to which AP is connected? Do you get correct IP?
If you make that AP switch port as access port for VLAN 205 and then connect a laptop wired to the that port, Do you get correct IP?
If you make that AP switch port as access port for VLAN 206 and then connect a laptop wired to the that port, Do you get correct IP?
remove port security and see if that helps?

I don't have a switch experience however i have troubleshot similar issue and resolved. Most some misconfig somewhere while configuring switch...

hope this helps..
Photo of Carlo Cañete

Carlo Cañete

  • 13 Posts
  • 0 Reply Likes
Dionis, thank very much for your help.
The problem was in configuration of server DHCP.

Thanks!
Photo of Jayaratnam Vinthan

Jayaratnam Vinthan

  • 1 Post
  • 0 Reply Likes
may i know what is the problem in dhcp server?
I have same problem.

Thank you
Photo of niwai

niwai

  • 6 Posts
  • 0 Reply Likes
How to remove dhcp binding from ZD.
Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 776 Posts
  • 163 Reply Likes
I am not sure what you mean by dhcp binding ?
Photo of niwai

niwai

  • 6 Posts
  • 0 Reply Likes
I already configured dhcp server on my ZD. I need to clear, that had issued ip addresses from the ZD. It screening like below.

.
Thanks,
Photo of Monnat Systems

Monnat Systems, AlphaDog

  • 776 Posts
  • 163 Reply Likes
well, there not much nuts and bolts in ZD DHCP server to twist and turn. i think if you just disable and enabled the DHCP that should do the trick.

ideally if your network is large and complex better use external DHCP server...
Photo of Mochamad Fikri Nur Alim

Mochamad Fikri Nur Alim

  • 1 Post
  • 0 Reply Likes
Hi im using ruckus zf r600 but always obtaining ip for client. I have config dhcp snooping at router and switch... Please someone help me