DHCP Troubleshooting Manual


Chapter 1  DHCP Troubleshooting

1.1  DHCP Overview

The Dynamic Host Configuration Protocol (DHCP) is built on a client-server model, in which a client sends a configuration request and then the server returns a reply to send configuration parameters (such as IP address, subnet mask, and gateway) to the client. The request and reply messages are both encapsulated using UDP.

As shown in Figure 1-1, a DHCP client obtains an IP address from a DHCP server via four steps:

Figure 1-1 Dynamic IP address allocation process

1)         The client broadcasts a DHCP-DISCOVER message to locate a DHCP server.

2)         A DHCP server offers configuration parameters such as an IP address to the client in a DHCP-OFFER message.

3)         If several DHCP servers send offers to the client, the client accepts the first received offer, and broadcasts it in a DHCP-REQUEST message to formally request the IP address.

4)         All DHCP servers receive the DHCP-REQUEST message, but only the server from which the client accepts the offered IP address returns a DHCP-ACK message to the client, confirming that the IP address has been allocated to the client, or returns a DHCP-NAK unicast message, denying the IP address allocation.

The following are three typical DHCP networks:

5)         DHCP clients directly communicate with a DHCP server if they are on the same subnet, as shown in Figure 1-2.

Figure 1-2 Network diagram for DHCP (I)

6)         DHCP clients obtain IP addresses and other configuration information from a DHCP server on another subnet via a DHCP relay agent, as shown in Figure 1-3.

Figure 1-3 Network diagram for DHCP (II)

7)         DHCP clients communicate with a DHCP server on the same subnet via a DHCP snooping device, as shown in Figure 1-4.

Figure 1-4 Network diagram for DHCP (III)

1.1.1  Introduction to DHCP Server

I. DHCP address pool

A DHCP server assigns to a client an IP address from a configured address pool in the following sequence:

l           The IP address manually bound to the client’s MAC address or ID

l           The IP address that was ever assigned to the client

l           The IP address designated by the Option 50 field in the DHCP-DISCOVER message

l           The first assignable IP address in the address pool

l           The IP address that was a conflict or passed its lease duration

l           If no IP address is assignable, the server will not respond.

II. Principles for selecting an address pool

The DHCP server observes the following principles to select an address pool when assigning an IP address to a client:

l           If the DHCP client and the DHCP server reside in the same subnet, the DHCP server will select the smallest address pool that contains the IP address of the interface that received the client’s request.

l           If the DHCP client and the DHCP server reside in different subnets, the DHCP server will select the smallest address pool that contains the IP address specified in the giaddr field of the client’s request.

l           If no IP address is available in the address pool, the DHCP server will fail to assign an address to the client. Therefore, the address pool must be on the same subnet as the receiving interface’s IP address (if the client and the server reside in the same network segment) or as the IP address specified in the giaddr field of the client’s request (if a DHCP relay agent is in-between).

1.1.2  Introduction to DHCP Relay Agent

I. IP address allocation via a DHCP relay agent

Figure 1-5 describes how the DHCP relay agent works. The source IP address of messages forwarded by the DHCP relay agent to the DHCP sever and to the DHCP client are both the IP address of the interface that received the DHCP request.

Figure 1-5 DHCP relay agent work process

II. DHCP relay agent support for Option 82

Option 82 records the location information of the DHCP client. The administrator can locate the DHCP client to further implement security control and accounting. If the DHCP relay agent supports Option 82, it will handle a client’s request according to the handling strategy and padding format defined for Option 82 (if any), and then forward the request to the DHCP server. If a reply returned by the DHCP server contains Option 82, the DHCP relay agent will remove the Option 82 before forwarding the reply to the client.

1.1.3  Introduction to DHCP Client

With the ip address dhcp-alloc command executed, an interface does not broadcast a DHCP-DISCOVER message immediately; rather, it randomly broadcasts it within 10 seconds. The DHCP client keeps sending requests until it receives a reply from a DHCP server.

After the client receives the DHCP-ACK message, it will probe whether the IP address assigned by the server is in use by broadcasting a gratuitous ARP packet. If the IP address is in use, the client sends a DHCP-DECLINE message to the server and requests an IP address again. If the assigned IP address is on the same subnet as any other interface’s IP address on the DHCP client, the DHCP client neither uses the IP address nor requests again.

1.1.4  Introduction to DHCP Snooping

DHCP snooping is a DHCP security feature. If there is an unauthorized DHCP server on a network, DHCP clients may obtain invalid IP addresses. With DHCP snooping, the ports of a device can be configured as trusted or untrusted, ensuring the clients to obtain IP addresses from authorized DHCP servers.

l           Trusted: A trusted port forwards DHCP messages normally to guarantee that DHCP clients can obtain valid IP addresses from a DHCP server.

l           Untrusted: An untrusted port discards the DHCP-ACK or DHCP-OFFER packets from any DHCP server to prevent DHCP clients from receiving invalid IP addresses.

DHCP snooping records a client’s IP and MAC addresses, port number and VLAN ID of the interface that received the client’s request in the address allocation process.

This chapter mainly covers problems you may encounter when configuring DHCP and the problems that may be difficult to understand.

1.2  Problems

1.2.1  Problem 1: DHCP Clients Cannot Obtain IP Addresses From the DHCP Server Located on the Same Subnet

I. Symptoms

In Figure 1-2, the DHCP clients cannot obtain IP addresses from the DHCP server.

II. Analysis

Enable DHCP server debugging in user view using the debugging dhcp server all command to locate the problem:

Debugging information

Possible reasons

No packet debugging information is output.

1) 2)

Failed to get available ip from interface ip-address mask ip-address.

3) 6)

DHCPServer: Lease is exhausted!

3) 6)

Sending Message-Type failed!

4)

DHCPServer: The number of leases has reached the maximum!

5)

 

Possible reasons:

1)         Physical link problem

2)         DHCP is not enabled

3)         No address pool is configured on the DHCP server

Use the display dhcp server tree all command to verify that an address pool containing or residing on the same subnet as the subnet of the receiving interface’s IP address is configured.

4)         Wrong DHCP sever address pool configuration

Make sure that the address pool must be on the same subnet as the receiving interface’s IP address so that the DHCP server can return a reply in unicast to the client.

5)         Lease duration has passed

The DHCP server assigns IP addresses with leases (support for lease duration depends on the device model). If an IP address has passed its lease duration, the DHCP serer does not assign the IP address. Execute the display dhcp server ip-in-use all command to verify that the lease duration of an IP address has passed.

6)         No assignable IP address is available

Verify that there is any assignable IP address by using the following commands:

l           Use the display dhcp server free-ip command to view assignable IP addresses on the same subnet as the receiving interface’s IP address;

l           Use the display dhcp server expired all command to view IP addresses on the same subnet as the receiving interface’s IP address;

l           Use the display dhcp server conflict all command to view conflicted IP addresses (more than one hour) on the same subnet as the receiving interface’s IP address.

If above IP addresses are not available, the DHCP server cannot assign IP addresses.

III. Solution

1)         Reconnect the cables;

2)         Configure the dhcp enable command in system view;

3)         Configure an address pool containing or on the same subnet as the receiving interface’s IP address;

4)         Configure an address pool on the same subnet as the receiving interface’s IP address.

5)         Use the display dhcp server expired all command to display whether expired leases exist. If yes, use the reset dhcp server ip-in-use command to remove them.

6)         Expand the network segment of the address pool.

1.2.2  Problem 2: DHCP Clients Cannot Obtain IP addresses Through a DHCP Relay Agent

I. Symptoms

In Figure 1-3, the DHCP clients cannot obtain IP addresses from the DHCP server.

II. Analysis

Enable debugging in user view on the DHCP server using the debugging dhcp server all command and enable debugging in user view on the DHCP relay agent using the debugging dhcp relay all command to locate the problem:

Debugging information

Possible reasons

No DHCP server packet debugging information is output.

1) 2) 3) 5)

No DHCP relay agent packet debugging information is output.

1) 2)

The following DHCP relay agent debugging information is output:

The interface does not exist

3)

The following DHCP relay agent debugging information is output:

Sending packet failed when processing Message-Type packet!

The Message-Type argument refers to the type of the DHCP request message.

4)

The following DHCP server debugging information is output:

Failed to get available ip from interface ip-address mask ip-address.

6) 9)

The following DHCP server debugging information is output:

DHCPServer: Lease is exhausted!

6) 9)

DHCPServer: The number of leases has reached the maximum!

8)

The following DHCP server debugging information is output:

Sending Message-Type failed!

10)

The following DHCP relay agent debugging information is output:

Sending packet failed when processing Message-Type packet!

The Message-Type argument refers to the type of the DHCP reply message.

7)

 

Possible reasons:

1)         Physical link problem

2)         DHCP is not enabled

3)         No server group is correlated with the DHCP relay agent interface

Execute the display this command on the DHCP relay agent interface to verify whether a DHCP server group is correlated with the relay agent interface.

4)         The DHCP server specified in the server group does not exist.

5)         The DHCP server specified in the server group is not connected with the DHCP relay agent.

6)         No address pool is configured on the DHCP server.

Use the display dhcp server tree all command to display the address pool configuration and verify that an address pool on the same subnet as or containing the subnet of the relay agent interface’s IP address is configured.

7)         Wrong DHCP sever address pool configuration

Make sure that the address pool is on the same subnet as the relay agent interface’s IP address so that the DHCP server can return a reply in unicast to the client.

8)         Lease duration has passed

The DHCP server assigns IP addresses with leases (support for lease duration depends on the device model). If an IP address has passed its lease duration, the DHCP serer does not assign the IP address. Execute the display dhcp server ip-in-use all command to verify that the lease duration of an IP address has passed.

9)         No assignable IP address is available

Verify that there is any assignable IP address by using the following commands:

l           Use the display dhcp server free-ip command to view assignable IP addresses (on the same subnet as the receiving interface’s IP address);

l           Use the display dhcp server expired all command to view IP addresses on the same subnet as the receiving interface’s IP address;

l           Use the display dhcp server conflict all command to view conflicted IP addresses (more than one hour) on the same subnet as the receiving interface’s IP address.

If above IP addresses are not available, the DHCP server cannot assign IP addresses.

10)     Use the display ip routing-table command to verify that there is a route from the DHCP server to the DHCP relay agent. If no such a route exists, the DHCP server cannot send replies to the DHCP relay agent.

III. Solution

1)         Reconnect the cables;

2)         Configure the dhcp enable command in system view;

3)         Use the dhcp relay server-select command to correlate the DHCP relay agent interface to a specified DHCP server group.

4)         Use the dhcp relay server-group server-group ip ip-address command in system view to specify a DHCP server for a DHCP server group.

5)         Use the dhcp relay server-group server-group ip ip-address command in system view to specify the DHCP server connected with the DHCP relay agent.

6)         Configure an address pool containing or on the same subnet as the relay agent interface’s IP address;

7)         Configure an address pool on the same subnet as the relay agent interface’s IP address.

8)         Use the display dhcp server expired all command to display whether expired leases exist. If yes, use the reset dhcp server ip-in-use command to remove them.

9)         Expand the network segment of the address pool.

10)     Enable a specified routing protocol or configure a static route between the DHCP server and the DHCP relay agent interface.

1.2.3  Problem 3: DHCP Clients Cannot Obtain IP addresses Through DHCP Snooping

I. Symptoms

In Figure 1-4, the DHCP clients cannot obtain IP addresses from the DHCP server.

II. Analysis

1)         Refer to analysis 1) through 6) in Problem 1: DHCP Clients Cannot Obtain IP Addresses From the DHCP Server Located on the Same Subnet to check the DHCP server configurations.

2)         Verify that the DHCP snooping device’s interface connected to the DHCP server is configured as a trusted port. If not so, the DHCP snooping device discards reply messages returned by the DHCP server.

III. Solution

l           Refer to the solutions in Problem 1: DHCP Clients Cannot Obtain IP Addresses From the DHCP Server Located on the Same Subnet

l           Configure the DHCP snooping device’s interface connected to the DHCP server as a trusted port.

1.3  Other Problems

1.3.1  DHCP Clients Cannot Obtain Specific Options Configured on the Server

I. Symptoms

A DHCP client cannot obtain specific options (such as Option 123 ascii abcdef) already configured in the DHCP sever address pool.

II. Analysis

If the requested parameter list (Option 50) in the request message sent by the DHCP client does not include Option 123, the DHCP server does not pad Option 123 in the reply message.

1.3.2  IP Addresses Excluded From Allocation Can Still Be Assigned

I. Symptoms

Perform the following configurations:

#                                                                              

dhcp server ip-pool 1                                                           

 static-bind ip-address 1.1.1.1 mask 255.0.0.0                                 

 static-bind mac-address 0001-0001-0001                                        

 expired unlimited                                                              

#                                                                              

 dhcp server forbidden-ip 1.1.1.1                                              

#

IP address 1.1.1.1 can still be assigned.

II. Analysis

A statically bound IP address can be assigned even if it is excluded from allocation, while a dynamic IP address cannot. In this case, after you remove the corresponding static binding, the IP address will be excluded from allocation.

1.3.3  A Released IP Address Is Not Assignable to Other Clients

I. Symptoms

After the DHCP server receives a DHCP-RELEASE request from a client, the IP address specified in the request is still not assignable to other clients.

II. Analysis

The server puts the released IP address into expired leases.

As recommended in RFC 2131, a DHCP server attempts to assign the same IP address each time a client requests an address. To do so, it records the IP address ever assigned to a client in expired leases. When the client requests an IP address again, the DHCP server can assign that IP address to the client.

1.3.4  The Ping Response Timeout Setting on the DHCP Server Is Invalid

I. Symptoms

If the ping response timeout is set to a value less than 100ms on the DHCP server, the value of 100ms is applied. Thus, the timeout setting does not take effect.

II. Analysis

Currently, the ping response timeout timer used by a DHCP server is counted in 100ms. The value of the timer is a multiple of 100ms.

For example, a configured timeout time of 50ms is adjusted to 100ms by the DHCP server; and a configured timeout time of 230ms is adjusted to 300ms.

1.3.5  An Expired IP Address Still Exists in the DHCP Relay Agent Security Entry

I. Symptoms

An expired IP address still exists in the IP-to-MAC binding recorded on the DHCP relay agent.

II. Analysis

The IP-to-MAC binding is not removed immediately; instead, the removal of such an entry depends on the configured age time and the total number of entries. If there are N valid binding entries, the aging time (in seconds) of the first valid entry is calculated as follows:

1)         In default case (auto):

l           If 60/N is no less than 0.5, the aging time of the entry is 60/N*N*2 + 60/N=120+60/N. That is, the interval for sending age probe packets is 60/N;

l           If 60/N is less than 0.5, the aging time is 0.5 *N*2 +0.5 =N+0.5. That is, the interval for sending age probe packets is 0.5 seconds.

2)         In non-default cases:

If the age timeout timer is set to T for N binding entries, the aging time of the first entry is T*N*2+T. That is, the aging time for sending age probe packets is T.

1.3.6  A Static IP-to-MAC Binding Configured on the DHCP Server Is Invalid

I. Symptoms

The IP address statically bound to a client’s MAC address on the DHCP server is not assigned to the client.

II. Analysis

A DHCP server supports two static binding modes:

l           IP-to-MAC: Applicable when a client sends a request message without the Client ID option (Option 61).

l           IP-to-Client ID: Applicable when a client sends a request message with the Client ID option (Option 61).

Use the display dhcp server ip-in-use ip ip-address command to view the lease of the IP address assigned to the client. If the Client-identifier/Hardware address in the lease is not the client’s MAC address, you need to configure an IP-to-Client ID binding for the client on the server; after that, if the problem persists, it is considered a device problem, and you need to contact the customer service staff.

1.3.7  DHCP Snooping Device Fails to Generate Entries

I. Symptoms

After a DHCP client obtains an IP address, the corresponding DHCP snooping entry is not generated.

II. Analysis

Some DHCP snooping devices use ACLs to deliver received DHCP packets to the CPU. However, if such a DHCP snooping device has no ACLs to assign, DHCP packets cannot be delivered to the CPU, even if the receiving port is a DHCP snooping trusted port. Thus, no DHCP snooping entry is generated.

1.4  Troubleshooting Procedure

1.4.1  The DHCP Server and DHCP Client Are on the Same Subnet

I. Troubleshooting flow

Figure 1-6 DHCP server troubleshooting flow chart

II. Troubleshooting procedures

1)         Check the physical link

In Figure 1-2, the DHCP server is connected to DHCP clients through Ethernet 1/0. Configure an IP address for a client, and the IP address should be on the same network segment as that of Ethernet 1/0 of the DHCP server. Then, ping the IP address of Ethernet 1/0 from the client: if successful, no trouble exists on the physical link.

You can also enable DHCP server debugging to verify that the DHCP server can receive DHCP-DISCOVER messages from DHCP clients.

2)         Check whether DHCP is enabled

Execute the display current-configuration command in system view to verify that DHCP is enabled. If not, execute the dhcp enable command to enable DHCP.

3)         Check DHCP address pool configuration

Execute the display dhcp server tree all command to verify that a global address pool and the network segment are configured.

Verify that the address pool and the IP address of Ethernet 1/0 are on the same network segment. For example, if the address pool is 1.1.1.1/24 and the IP address of Ethernet 1/0 is 2.2.2.2, the clients in Figure 1-2 cannot obtain IP addresses from the DHCP server.

If the above troubles do not exist, go to step 4).

4)         Check assignable IP addresses in the address pool

Execute the display dhcp server free-ip command to verify that there is any assignable IP address in the address pool.

If no IP address is assignable, execute the display dhcp server expired all command to verify that there is any expired IP address which is on the same network segment as the IP address of Ethernet 1/0.

If no expired IP address is available, execute the display dhcp server conflict all command to verify that there is any conflicted IP address and check the conflict time. Only the IP addresses with conflict time more than one hour can be assigned.

If no assignable IP address, expired IP address, or conflicted IP address exists in the address pool, all IP addresses have been assigned and thus the server cannot assign any IP address. If yes, go to step 5).

5)         Check the IP address assignment threshold

Execute the display dhcp server ip-in-use all command to verify that maximum IP addresses have been assigned. Then, the DHCP server cannot assign any IP address.

1.4.2  The DHCP Client Obtains IP Address Through DHCP Relay Agent

I. Troubleshooting flow

Figure 1-7 DHCP relay agent troubleshooting flow chart

II. Troubleshooting procedures

1)         Check the physical link

In Figure 1-3, check the availability of the link between the DHCP server and DHCP relay agent, and the link between the DHCP relay agent and DHCP clients.

2)         Check whether DHCP is enabled

Execute the display current-configuration command in system view to verify that DHCP is enabled. If not, execute the dhcp enable command to enable DHCP.

3)         Check DHCP relay agent configuration

Verify that the DHCP server address is specified. That is, the dhcp select relay and the dhcp relay server-select commands are configured on Ethernet 1/1, and use the display dhcp relay server-group command to verify that the DHCP server’s IP address 10.1.1.1 is included in the server group.

4)         Check DHCP server configuration

Execute the display dhcp server tree all command to verify that a global address pool and the network segment are configured.

Verify that the DHCP address pool is on the same network segment as or contains the network segment of the relay agent interface’s IP address (IP address of Ethernet 1/1). You are recommended to configure the address pool and the relay agent interface’s IP address to be on the same network segment so as to ensure that the DHCP relay agent can forward replies to DHCP clients. In this example, verify that the address pool is 10.10.1.0/24.

5)         Check assignable IP addresses in the address pool

Execute the display dhcp server free-ip command to verify that there is any assignable IP address in the address pool.

If no IP address is assignable, execute the display dhcp server expired all command to verify that there is any expired IP address.

If no expired IP address is available, execute the display dhcp server conflict all command to verify that there is any conflicted IP address and check the conflict time. Only the IP addresses with conflict time more than one hour can be assigned.

If no assignable IP address, expired IP address, or conflicted IP address exists in the address pool, all IP addresses have been assigned and thus the server cannot assign any IP address. If yes, go to step 6).

6)         Check the IP address assignment threshold

Execute the display dhcp server ip-in-use all command to verify that maximum IP addresses have been assigned. Then, the DHCP server cannot assign any IP address.

7)         Verify that the DHCP server has a route to the DHCP relay agent

Ping 10.10.1.1 on the DHCP server. If the IP address cannot be pinged, execute the display ip routing-table command on the DHCP server to verify that there is a route entry to 10.10.1.1. If not, execute the ip route-static 10.10.1.1 24 10.1.1.2 command on the DHCP server.

If it still cannot be pinged, check the physical link.

1.4.3  The DHCP Client Obtains IP Address Through DHCP Snooping

I. Troubleshooting flow

Figure 1-8 DHCP snooping troubleshooting flow chart

II. Troubleshooting procedures

1)         Check the physical link

In Figure 1-4, the DHCP server is connected to DHCP clients through Ethernet 1/0. Configure an IP address for a client. The IP address should be on the same network segment as that of Ethernet 1/0 of the DHCP server. Then, verify that the IP address of Ethernet 1/0 can be pinged from the client; if yes, the physical link is available.

You can also enable DHCP server debugging to verify that the DHCP server can receive DHCP-DISCOVER messages from DHCP clients.

2)         Check whether DHCP is enabled

Execute the display current-configuration command in system view to verify that DHCP is enabled. If not, execute the dhcp enable command to enable DHCP.

3)         Check DHCP snooping configuration

Execute the display current-configuration command in system view to verify that DHCP snooping is enabled and Ethernet 1/1 is configured as a trusted port.

4)         Check DHCP server configuration

Execute the dhcp enable command to enable DHCP.

Execute the display dhcp server tree all command to verify that a global address pool and the network segment are configured.

Verify that the address pool and the IP address of Ethernet 1/0 are on the same network segment. For example, if the address pool is 1.1.1.1 24 and the IP address of Ethernet 1/0 is 2.2.2.2, the clients in Figure 1-4 cannot obtain IP addresses from the DHCP server.

If the above troubles do not exist, go to step 5).

5)         Check assignable IP addresses in the address pool

Execute the display dhcp server free-ip command to verify that there is any assignable IP address in the address pool.

If no IP address is assignable, execute the display dhcp server expired all command to verify that there is any expired IP address which is on the same network segment as the IP address of Ethernet 1/0.

If no expired IP address is available, execute the display dhcp server conflict all command to verify that there is any conflicted IP address and check the conflict time. Only the IP addresses with conflict time more than one hour can be assigned.

If no assignable IP address, expired IP address, or conflicted IP address exists in the address pool, all IP addresses have been assigned and thus the server cannot assign any IP address. If yes, go to step 6).

6)         Check the IP address assignment threshold

Execute the display dhcp server ip-in-use all command to verify that maximum IP addresses have been assigned. Then, the DHCP server cannot assign any IP address.

1.5  Troubleshooting Cases

1.5.1  Long Address Acquisition Process

I. Network environment

Figure 1-9 Network diagram for the troubleshooting case

II. Symptoms

A DHCP client (a PC) has to wait for one minute before it can obtain an IP address from the DHCP server.

III. Troubleshooting procedures

l           Check DHCP server configurations

The DHCP server configurations are displayed as follows, and no problem exists.

#                                                                              

dhcp server ip-pool 1                                                           

 network 1.1.0.0 mask 255.255.0.0                                              

#                                         

……

#                                                                               

interface Ethernet1/0                                                        

 port link-mode route                                                          

 ip address 1.1.1.1 255.255.255.0                                              

#                                                                               

……

#                                                                              

 dhcp enable                                                                   

#                   

l           Check the status of Ethernet 1/0

The interface Ethernet 1/0 that is connected to the DHCP clients is up.

[server] display ip interface brief Ethernet 1/0                                  

*down: administratively down                                                    

(s): spoofing                                                                  

Interface                                Physical   Protocol   IP Address      

Ethernet1/0                              up         up       1.1.1.1          

l           Check the physical link

Configure an IP address of 1.1.1.2 for a DHCP client. Ping the DHCP server’s IP address 1.1.1.1 from the client. The ping operation is successful.

l           Troubleshoot through debugging

Enable DHCP server debugging using the debugging dhcp server all command in user view, and the following debugging information is displayed:

<server> debugging dhcp server all

*May 27 13:02:19:494 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Receive DHCPDISCOVER from 00e0-e100-0201.                                        

*May 27 13:02:19:494 2007 server DHCPS/7/DHCPS_DEBUG_PACKET:                   

Rx, interface Ethernet1/0                                                    

    Message type: request                                                       

    Hardware type: 1, Hardware address length: 6                               

    Hops: 0, Transaction ID: 16777216                                          

    Seconds: 0, Broadcast flag: 0                                               

    Client IP address: 0.0.0.0    Your IP address: 0.0.0.0                     

    Server IP address: 0.0.0.0    Relay agent IP address: 0.0.0.0              

    Client hardware address: 00e0-e100-0201                                     

    Server host naame: Not Configured, Boot file name: Not Configured          

    DHCP message type: DHCP Discover                                           

                                                                               

*May 27 13:02:19:494 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Assign Free Lease from global pool.            

……                   

*May 27 13:02:20:110 2007 server DHCPS/7/DHCPS_DEBUG_PACKET:                   

Tx, interface Ethernet1/0                                                    

    Message type: reply                                                        

    Hardware type: 1, Hardware address length: 6                               

    Hops: 0, Transaction ID: 16777216                                          

    Seconds: 0, Broadcast flag: 0                                              

    Client IP address: 0.0.0.0    Your IP address: 1.1.0.2                     

    Server IP address: 0.0.0.0    Relay agent IP address: 0.0.0.0              

    Client hardware address: 00e0-e100-0201                                    

    Server host naame: Not Configured, Boot file name: Not Configured          

    DHCP message type: DHCP Offer                                               

                                                                               

*May 27 13:02:20:110 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DhcpServer: Failed to send DHCPOFFER to MAC=> 00e0-e100-0201 .                                

*May 27 13:02:20:110 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Sending DHCPOFFER failed!       

……

*May 27 13:09:54:228 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Receive DHCPDISCOVER from 00e0-e100-0201.            

*May 27 13:09:54:228 2007 server DHCPS/7/DHCPS_DEBUG_PACKET:                   

Rx, interface Ethernet1/0                                                    

    Message type: request                                                       

    Hardware type: 1, Hardware address length: 6                               

    Hops: 0, Transaction ID: 266602672                                         

    Seconds: 0, Broadcast flag: 1                                               

    Client IP address: 0.0.0.0    Your IP address: 0.0.0.0                     

    Server IP address: 0.0.0.0    Relay agent IP address: 0.0.0.0              

    Client hardware address: 00e0-e100-0201                                     

    Server host naame: Not Configured, Boot file name: Not Configured          

    DHCP message type: DHCP Discover                                           

                                                                               

*May 27 13:09:54:228 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Assign Free Lease from global pool.    

……                           

*May 27 13:09:54:816 2007 server DHCPS/7/DHCPS_DEBUG_PACKET:                   

Tx, interface Ethernet1/0                                                    

    Message type: reply                                                        

    Hardware type: 1, Hardware address length: 6                               

    Hops: 0, Transaction ID: 266602672                                         

    Seconds: 0, Broadcast flag: 1                                              

    Client IP address: 0.0.0.0    Your IP address: 1.1.0.2                     

    Server IP address: 0.0.0.0    Relay agent IP address: 0.0.0.0              

    Client hardware address: 00e0-e100-0201                                    

    Server host naame: Not Configured, Boot file name: Not Configured          

    DHCP message type: DHCP Offer                                               

                                                                               

*May 27 13:09:54:816 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DhcpServer: Send DHCPOFFER to 00e0-e100-0201 Offer IP=> 1.1.0.2. 

*May 27 13:09:54:848 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Receive DHCPREQUEST from 00e0-e100-0201.             

*May 27 13:09:54:848 2007 server DHCPS/7/DHCPS_DEBUG_PACKET:                   

Rx, interface Ethernet1/0                                                     

    Message type: request                                                      

    Hardware type: 1, Hardware address length: 6                               

    Hops: 0, Transaction ID: 266602672                                          

    Seconds: 0, Broadcast flag: 1                                              

    Client IP address: 0.0.0.0    Your IP address: 0.0.0.0                     

    Server IP address: 0.0.0.0    Relay agent IP address: 0.0.0.0              

    Client hardware address: 0000-5e00-4701                                    

    Server host naame: Not Configured, Boot file name: Not Configured          

    DHCP message type: DHCP Request                                             

                                                                               

*May 27 13:09:54:848 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Acknowledge the DHCPREQUEST message!                               

*May 27 13:09:54:848 2007 server DHCPS/7/DHCPS_DEBUG_PACKET:                   

Tx, interface Ethernet1/0                                                    

    Message type: reply                                                        

    Hardware type: 1, Hardware address length: 6                               

    Hops: 0, Transaction ID: 266602672                                         

    Seconds: 0, Broadcast flag: 0                                              

    Client IP address: 0.0.0.0    Your IP address: 1.1.0.2                     

    Server IP address: 0.0.0.0    Relay agent IP address: 0.0.0.0              

    Client hardware address: 00e0-e100-0201                                    

    Server host naame: Not Configured, Boot file name: Not Configured          

    DHCP message type: DHCP Ack                                                

                                                                               

*May 27 13:09:54:848 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DhcpServer: Send DHCPACK to 00e0-e100-0201 Offer IP=> 1.1.0.2.   

*May 27 13:09:54:848 2007 server DHCPS/7/DHCPS_DEBUG_COMMON:                   

DHCPServer: Requesting security module(s) to add a security entry (1.1.0.4 00e0-e100-0201) succeeded.                                                          

From the above debugging information, you can see that the DHCP client obtains an IP address after broadcasting five DHCP-DISCOVER messages. After receiving each of the first four messages, the DHCP server assigns a lease, but the DHCP-OFFER message fails to be sent to the requesting client. After receiving the fifth DHCP-DISCOVER message, the DHCP server successfully assigns the lease. Compared with the first four messages which have their broadcast flag set to 0, the fifth DHCP-DISCOVER message has its broadcast flag set to 1, which means the DHCP server returns a reply in broadcast.

The DHCP server fails to send replies in unicast because it has IP address 1.1.1.1/24 configured for Ethernet 1/0 and cannot find a route to the network segment 1.1.0.0/16. Therefore, the DHCP server fails to send the reply to 1.1.0.2 in unicast.

To solve the above problem, you can configure the address pool and the IP address of Ethernet 1/0 to be on the same network segment:

#                                                                              

dhcp server ip-pool 1                                                          

 network 1.1.1.0 mask 255.255.255.0                                             

#                                                                              

 

 

 

 

Copyright ©2008 Hangzhou H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.

The information in this document is subject to change without notice.