DHCP_Simple

Taking an easy topic to review tonight, two DHCP Hosts (R1 and R2), along with a DHCP Server connected via L2 EC Bundled Trunks. This is really for my own practice / review, so you can skip this post if you have this nailed down for exam day, otherwise just a quick refresher / light topic to end my weekend here.

Lets delve right into the configuration on SW2!

SW2(config)#service dhcp
SW2(config)#ip dhcp pool LoopyPool
SW2(dhcp-config)#network ?
A.B.C.D Network number in dotted-decimal notation

SW2(dhcp-config)#network 10.0.0.0 ?
/nn or A.B.C.D Network mask or prefix length
<cr>

SW2(dhcp-config)#network 10.0.0.0 /24
SW2(dhcp-config)#default-router 10.0.0.1
SW2(dhcp-config)#dns-server 8.8.8.8
SW2(dhcp-config)#domain loopedback.com
SW2(dhcp-config)#lease ?
<0-365> Days
infinite Infinite lease

SW2(dhcp-config)#lease 7
SW2(dhcp-config)#^Z
SW2#wr
Building configuration…

*Mar 1 00:28:52.515: %SYS-5-CONFIG_I: Configured from console by console[OK]
SW2#

So pretty straight forward, I do need to reserve a small range of IP addresses so my SVI interfaces don’t get handed out, but I also wanted to take a quick look at “options”:

SW2(dhcp-config)#option ?
<0-254> DHCP option code

SW2(dhcp-config)#option 150 ?
ascii Data is an NVT ASCII string
hex Data is a hexadecimal string
instance Specify the option instance
ip Data is one or more IP addresses

SW2(dhcp-config)#option 150 ip ?
Hostname or A.B.C.D Server’s name or IP address

SW2(dhcp-config)#option 150 ip 10.0.0.5 ?
Hostname or A.B.C.D Server’s name or IP address
<cr>

SW2(dhcp-config)#option 150 ip 10.0.0.5 10.0.0.6 ?
Hostname or A.B.C.D Server’s name or IP address
<cr>

For those not familiar this option 150 is provided to Cisco phones via DHCP, not only providing them an IP Address, but 150 provides the IP Address shown above to their Cisco Call Manager / TFTP Servers that phones download their phone loads from.

So that is important to know more real world than the exam.

One thing that is very important that I did not include, is a reservation range!

As I certainly do not want Host A and Host B receiving my SVI Interface IP Addresses of .1 and .2 as I marked the entire 10.0.0.0/24 subnet as open game for DHCP!

The funny thing is, there is nowhere in the actual DHCP config to do it:

SW2(dhcp-config)#?
DHCP pool configuration commands:
accounting Send Accounting Start/Stop messages
address Configure a reserved address
bootfile Boot file name
class Specify a DHCP class
client-identifier Client identifier
client-name Client name
default-router Default routers
dns-server DNS servers
domain-name Domain name
exit Exit from DHCP pool configuration mode
hardware-address Client hardware address
host Client IP address and mask
import Programatically importing DHCP option parameters
lease Address lease time
netbios-name-server NetBIOS (WINS) name servers
netbios-node-type NetBIOS node type
network Network number and mask
next-server Next server in boot process
no Negate a command or set its defaults
option Raw DHCP options
origin Configure the origin of the pool
relay Function as a DHCP relay
remember Remember released bindings
renew Configure renewal policy
reserved-only Only allocate reserved addresses <- Close but not it
server Configure the server ID option value
subnet Subnet allocation commands
update Dynamic updates
utilization Configure various utilization parameters
vrf Associate this pool with a VRF

SW2(dhcp-config)#

Nothing!

You have to actually back out to global configuration to configure an exclusion list:

SW2(dhcp-config)#exit
SW2(config)#ip dhcp ?
aaa Configure aaa attributes
binding DHCP address bindings
bootp BOOTP specific configuration
class Configure DHCP classes
conflict DHCP address conflict parameters
database Configure DHCP database agents
excluded-address Prevent DHCP from assigning certain addresses
limit Limit DHCP Lease
limited-broadcast-address Use all 1’s broadcast address
ping Specify ping parameters used by DHCP
pool Configure DHCP address pools
relay DHCP relay agent parameters
remember Remember released bindings
route Specify the type of routes for clients on
unnumbered interfaces
smart-relay Enable Smart Relay feature
snooping DHCP Snooping
subscriber-id Global subscriber-id configuration
use Configure use of certain parameters during
allocation

SW2(config)#ip dhcp excluded-address ?
A.B.C.D Low IP address
vrf VRF name for excluded address range

SW2(config)#ip dhcp excluded-address 10.0.0.1 ?
A.B.C.D High IP address
<cr>

SW2(config)#ip dhcp excluded-address 10.0.0.1 10.0.0.20 ?
<cr>

SW2(config)#ip dhcp excluded-address 10.0.0.1 10.0.0.20
SW2(config)#

So remember to exclude a range of IP addresses, it is Global Config, not DHCP config!

One other thing I like to do out of habit, even if there are no layer 3 boundaries here, but in the real world I always want to put the “ip helper-address” in the correct gateway interface to future proof it in case some day a Layer 3 boundary is put between the two:

SW1(config)#int vlan 10
SW1(config-if)#
SW1(config-if)#ip helper-address 10.0.0.2 ?
<cr>

SW1(config-if)#ip helper-address 10.0.0.2
SW1(config-if)#

Honestly if a Layer 3 boundary were put between SW1 and SW2, SW2 would probably be on another network, but I like to have that command there as it checks off one box immediately in troubleshooting having it there when phones won’t boot properly.

Now for some debugging on the DHCP Server, and turn on DHCP for Hosts A and B!

Lets start with enabled debugs on SW2:

SW2#debug dhcp ?
detail DHCP packet content
redundancy DHCP client redundancy support
<cr>

SW2#debug dhcp detail ?
<cr>

SW2#debug dhcp detail
DHCP client activity debugging is on (detailed)
SW2#

Funny how earlier model switches had more options like “events” and “packet” in this list, but I will settle for “detail” as you can never have too much info, right?

This actually took a lot of work to catch my derps along the configuration:

  • Vlan1 was down on SW1 for some reason
  • Vlan10 interface / SVI did not exist or have an IP address
  • I had not yet moved HostB to SW1 from my last lab (was still on SW2)
  • Pings from R1 were still showing a weird error message when finally:

HostA#
HostA#ping 10.0.0.1
% Unrecognized host or address, or protocol not running.  <- What???

HostA#sh ip route
(Route codes redacted)

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S* 0.0.0.0/0 is directly connected, FastEthernet0/1
HostA#
*May 20 03:35:43.067: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/1 assigned DHCP address 10.0.0.22, mask 255.255.255.0, hostname HostA

Somewhere along the way of troubleshooting my little laundry list of items there, it popped into the console it had acquired an IP Address, hooray!

Host A

HostA#sh int fa0/1
FastEthernet0/1 is up, line protocol is up
Hardware is Gt96k FE, address is 001e.f797.f14b (bia 001e.f797.f14b)
Internet address is 10.0.0.22/24

Host B

HostB#sh ip int bri
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES NVRAM administratively down down
FastEthernet0/1 10.0.0.21 YES DHCP up up
HostB#

I didn’t get debug info on SW2, but will finish with some DHCP verification!

This command will actually show you info on ALL pools and their stats:

SW2#sh ip dhcp pool

Pool LoopyPool :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 254
Leased addresses : 2
Excluded addresses : 20
Pending event : none
1 subnet is currently in the pool :
Current index IP address range Leased/Excluded/Total
10.0.0.23 10.0.0.1 – 10.0.0.254 2 / 20 / 254
SW2#

Won’t bother parsing out that last table, but you get the idea there, shows how many addresses are leased / the pool and excluded addy range / Pool Name at the top / Etc.

To show who exactly is holding these IP Addresses:

SW2#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
10.0.0.21 0063.6973.636f.2d30. Mar 08 1993 01:07 AM Automatic
3031.622e.3533.3336.
2e66.3263.642d.4661.
302f.31
10.0.0.22 0063.6973.636f.2d30. Mar 08 1993 01:08 AM Automatic
3031.652e.6637.3937.
2e66.3134.622d.4661.
302f.31
SW2#

I am not sure where those MAC addresses come from, I’ve looked around the equipment and am not seeing it on Host interfaces, VLAN SVI’s, etc. I am sure it is in some obscure notes I labbed in the past that I don’t really care to unearth tonight 🙂

However you can see what IP Addresses are assigned, when they were assigned, and I know my other DHCP post does go much further into the static Binding MAC addresses, however it gets pretty murky pretty fast and I don’t want to bring that discussion here.

And that is all the further I will get into DHCP settings, they are fairly straight forward, you just need to troubleshoot your VLANs and SVI’s if issues arise!

Funny how these quick labs always turn into hours of labbing / troubleshooting as my mind will not let me sleep until I know the resolution to the issue 🙂

Until next time stay Grinding my fellow CCNP Candidates!!!