DHCP client can't obtain IP address from the DHCP server

Latest reply: Dec 27, 2018 07:45:07 459 5 0 0

as the topology shows below

client PC 1 can't obtain IP address from the DHCP server which is LSW1

3

we attempt to configure IP address manually, and ping DHCP server successfully.

then check DHCP relay configuration on LSW3 and DHCP server configuration on LSW1, both are correct.

checking configuration on LSW2, we find some configuration on interface G0/0/2 as below:

    dhcp snooping enable
    dhcp snooping check dhcp-giaddr enable

the second command line is used to check GIADDR field in the DHCP relay packet, if the GIADDR is not equal 0, the packet will be dropped.

GIADDR field in the DHCP packet stores the interface IP address of the DHCP relay, when enabling check dhcp-giaddr on the switch, the packets with the GIADDR field not equal 0 will be dropped.

when disable the DHCP snooping on the LSW2, the client PC can obtain IP address successfully.

BTW, enable DHCP snooping on the access device will bring a better effect, if the DHCP snooping is configured on the distribution devices, it may cause unexpected failures just like in this case.

  • x
  • convention:

PraveenD
Created Nov 20, 2018 05:19:27 Helpful(0) Helpful(0)

hi ,

please check this reference link .

http://support.huawei.com/enterprise/en/doc/EDOC1000178177/9a850989/(optional)-configuring-the-device-to-discard-dhcp-request-messages-when-giaddr-field-is-not-0
  • x
  • convention:

PraveenD
Created Nov 20, 2018 05:22:11 Helpful(0) Helpful(0)

above link is not working ,

http://support.huawei.com/enterprise/en/doc/EDOC1000178177/9a850989/(optional)-configuring-the-device-to-discard-dhcp-request-messages-when-giaddr-field-is-not-0

  • x
  • convention:

littlestone
Created Nov 27, 2018 11:34:53 Helpful(0) Helpful(0)

1. When the switch turns on DHCP-Snooping, DHCP messages will be intercepted, and IP address and MAC address information can be extracted and recorded from DHCP Request or DHCP Ack messages received. In addition, DHCP-Snooping allows a physical port to be set to a trusted or untrusted port. Trust ports can normally receive and forward DHCP Offer messages, while untrusted ports can discard received DHCP Offer messages. In this way, the switch can shield the counterfeit DHCP Server and ensure that the client obtains the IP address from the legitimate DHCP Server.
2. Since the DHCP server provides the user with a message containing the IP address assigned by the server to the user, the "dhcp offer" message enters the switch from the E1/0/2 port and forwards it, it is necessary to configure the port E1/0/2 as the "trust" port. If the switch upstream interface is configured as a Trunk port and connected to the DHCP relay device, it is also necessary to configure the upstream port as a "trust" port.
  • x
  • convention:

xiaomumu
Created Dec 24, 2018 01:43:20 Helpful(0) Helpful(0)

This post was last edited by xiaomumu at 2018-12-27 02:51. DHCP client cannot get IP address from DHCP server. What may be the reason?
  • x
  • convention:

dagui
Created Dec 27, 2018 07:45:07 Helpful(0) Helpful(0)

we attempt to configure IP address manually, and ping DHCP server successfully.How do you understand this sentence?
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login