RE: Can block DHCP traffic at layer 2 switch? [7:73489]

[Reimer, Fred]

VACL, VACL, VACL.

See here:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_1/confg_gd/
acc_list.htm#26922

It gives you the exact commands to limit DHCP responses to specific
server(s).

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Charles D Hammonds [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 04, 2003 10:20 PM
To: [EMAIL PROTECTED]
Subject: RE: Can block DHCP traffic at layer 2 switch? [7:73489]

only thing I would know to do at L2 is port security... just lock it down to
pre-identified MACs to prevent users from throwing unauthorized boxes on the
network.

Charles

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, August 04, 2003 6:23 PM
To: [EMAIL PROTECTED]
Subject: Can block DHCP traffic at layer 2 switch? [7:73489]


Dear All,

We have configured DHCP server at the CORE switch and this will assign the
ip address to the client located at edge switch.
PC---edge switch-GE uplink---CORE---DHCP server
(The network is pure Layer 2 network)

But we are afraid that some end users will place their own DHCP server at
the edge switch so it will interrupt the normal ip address assignment. Any
method to block the unauthorized DCHP server?

TIA.

Lo Ching
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73506t=73489
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Can block DHCP traffic at layer 2 switch? [7:73489]

[Lo Ching]

Dear All,

We have configured DHCP server at the CORE switch and this will assign the
ip address to the client located at edge switch.
PC---edge switch-GE uplink---CORE---DHCP server
(The network is pure Layer 2 network)

But we are afraid that some end users will place their own DHCP server at
the edge switch so it will interrupt the normal ip address assignment. Any
method to block the unauthorized DCHP server?

TIA.

Lo Ching


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73489t=73489
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Can block DHCP traffic at layer 2 switch? [7:73489]

[p b]

Not sure what filtering capabilities you have on the switch,
but you might be able to set all of the subscriber facing 
ports to block the forwarding out of DHCP DISCOVERs and REBINDS
requests.  I forget the details, but you can determine the
directionality of the DHCP requests (DISCOVERs/REBINDs vs
OFFERs/ACKs) based on the UDP port numbers and set in/out
filters accordingly.

The cable companies encode similar filters in your cable
modem to prevent someone with a DHCP server in their home
from hearing and responding to DHCP requests from the rest
of the neighborhood.



Lo Ching wrote:
 
 Dear All,
 
 We have configured DHCP server at the CORE switch and this will
 assign the ip address to the client located at edge switch.
 PC---edge switch-GE uplink---CORE---DHCP server
 (The network is pure Layer 2 network)
 
 But we are afraid that some end users will place their own DHCP
 server at the edge switch so it will interrupt the normal ip
 address assignment. Any method to block the unauthorized DCHP
 server?
 
 TIA.
 
 Lo Ching




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73503t=73489
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Can block DHCP traffic at layer 2 switch? [7:73489]

[Charles D Hammonds]

only thing I would know to do at L2 is port security... just lock it down to
pre-identified MACs to prevent users from throwing unauthorized boxes on the
network.

Charles

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, August 04, 2003 6:23 PM
To: [EMAIL PROTECTED]
Subject: Can block DHCP traffic at layer 2 switch? [7:73489]


Dear All,

We have configured DHCP server at the CORE switch and this will assign the
ip address to the client located at edge switch.
PC---edge switch-GE uplink---CORE---DHCP server
(The network is pure Layer 2 network)

But we are afraid that some end users will place their own DHCP server at
the edge switch so it will interrupt the normal ip address assignment. Any
method to block the unauthorized DCHP server?

TIA.

Lo Ching
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73491t=73489
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ????DHCP Problem???? [7:71667]

[Troy Leliard]

It also depends on how your ISP is assigning IP addresses  My Cable provider
only assigned IP's to registered MAC addresses.  In this case you can either
register you E1 mac address with them, or you can spoof a  registered mac
address.

Below is a snipet of one of my routers spoofing a MAC address, and
configured to received its IP address via DHCP.

interface Ethernet0
 mac-address 0030.ab14.537a
 ip address dhcp client-id Ethernet0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71776t=71667
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ????DHCP Problem???? [7:71667]

[John Q Public]

UPDATE!!!

I was able to get an IP on my 806 off my linksys, thru DHCP after I removed
the ip verify unicast reverse-path command , but still unable to get one
from my ISP thru my cable modem, even though I can get one on my linksys and
direct to my PC off the same modem, kinda weird, maybe Cisco uses a
different port # for DHCP requests and my ISP may not recognize it or be
blocking it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71674t=71667
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ????DHCP Problem???? [7:71667]

[- jvd]

Try 
interface ethernet 1
   ip address negotiated

I've seen some configuration like this before and believe it is when the
other side is running a DHCP server.

Kind regards,
Janó


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71732t=71667
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

????DHCP Problem???? [7:71667]

[John Q Public]

Hi,

I have started a home lab and have a Cisco 806 router with IOS 12.2 IP F/W
Plus installed on it. I am trying to set up the 806 to be my gateway between
my home network and my cable modem. I have set up nat and have that working
properly, and I have tried RIP v2 running between the 806 and Linksys, which
works ok, my problem is that I can't pull a DHCP IP address from my ISP from
my e1 int to save my life, I can get an ip on my linksys off the cable modem
and direct into my PC just fine but when I try it on my 806 no matter what I
try it just wont take an IP off my cable modem, I know it has to be
something in my config, because my modem works fine everywhere else, if you
guys could take a look at my config and help me out I would appreciate it -
THANKS!!!

806#sh ru
Building configuration...

Current configuration : 1726 bytes
!
version 12.2
no parser cache
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 806
!
logging console informational
!

clock timezone PST -8
clock summer-time PDT recurring
ip subnet-zero
no ip source-route
no ip domain lookup
ip name-server x.x.x.x
ip name-server x.x.x.x
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.2
ip dhcp ping packets 1
ip dhcp ping timeout 100
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
ip dhcp pool client
!
no ip bootp server
ip cef
!
!
!
interface Ethernet0
ip address 10.10.10.3 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip nat inside
no cdp enable
hold-queue 32 in
hold-queue 100 out
!
interface Ethernet1
description Internet
ip address dhcp
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip nat outside
no cdp enable
!
ip nat log translations syslog
ip nat inside source list 1 interface Ethernet0 overload
no ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
no ip http server
!
!
access-list 1 permit any
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
no cdp run
!
line con 0
exec-timeout 120 0
logging synchronous
stopbits 1
line vty 0 4
exec-timeout 0 0
exec prompt timestamp
length 0
!
scheduler max-task-time 5000
scheduler interval 500
end 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71667t=71667
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ????DHCP Problem???? [7:71667]

[John Q Public]

UPDATE!!!

I was able to get an IP on my 806 off my linksys, thru DHCP after I removed
the ip verify unicast reverse-path command , but still unable to get one
from my ISP thru my cable modem, even though I can get one on my linksys and
direct to my PC off the same modem, kinda weird, maybe Cisco uses a
different port # for DHCP requests and my ISP may not recognize it or be
blocking it


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71673t=71667
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: dhcp packets not visible in 6509 [7:70898]

[Tom Martin]

Vik,

There could be any number of reasons that DHCP isn't working. The client 
may not be requesting DHCP, the switch may not have portfast enabled, a 
router not having an IP helper address, DHCP server offline, DHCP server 
without a scope for the VLAN, and so on.

Perform a packet trace from the DHCP client and if necessary on the DHCP 
server (using SPAN). You will be able to determine the problem by 
identifying which packets are present in the capture and which are not.

For example, you may find that the client sends a DHCP discovery packet 
but does not receive an offer packet from the DHCP server. If you see 
the same behavior on the server port (discovery, no offer) then it's 
possible that:

  - The DHCP server isn't operational or the service/daemon isn't running
  - The DHCP server doesn't have a scope defined for that VLAN
  - The DHCP server has run out of IP addresses for that VLAN

On the other hand, if you the capture shows a discovery packet is sent 
by the client but the packet is never seen by the DHCP server it's much 
more likely that you have a missing (or incorrect) IP helper address.

Once you perform the packet capture(s) you will probably need no further 
help. If you do, the information obtained from the capture would be 
enough for the group to point you in the right direction.

- Tom

Vik Vikky wrote:
 Hi *,
 
 am fairly new to cisco products/ commands.
 
 have a problem
 got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get 
 DHCP broadcast /address from the main dhcp server.
 configured all the ports to respective vlan-x and at the routing module in
a
 core switch (6509 with msfc) I hv given the ip helperaddress for this vlan.
 rest of the catalyst 4006 switch fetches dhcp frm this scope.
 
 Below is the module capabilities:
 
 Type 10/100BaseTX
 Speedauto,10,100
 Duplex   half,full
 Trunk encap type 802.1Q,ISL
 Trunk mode   on,off,desirable,auto,nonegotiate
 Channel  yes
 Broadcast suppressionpercentage(0-100)
 Flow control receive-(off,on),send-(off)
 Security yes
 Dot1xyes
 Membership   static,dynamic
 Fast start   yes
 QOS scheduling   rx-(1q4t),tx-(2q2t)
 CoS rewrite  yes
 ToS rewrite  DSCP
 UDLD yes
 Inline power no
 AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none
 SPAN source,destination
 COPS port group  3/1-48
 Link debounce timer  yes
 
 
 Module configuration:
 
 set vlan 68   3/1-48
 set port auxiliaryvlan 3/1-48 none
 set port qos 3/1-48 trust-ext untrusted
 set port qos 3/1-48 cos-ext 0
 set port enable 3/1-48
 set port speed  3/1-48  auto
 set port trap   3/1-48  enable
 set port name   3/1-48
 set port dot1x 3/1-48 port-control force-autho
 set port dot1x 3/1-48 multiple-host disable
 set port dot1x 3/1-48 re-authentication disabl
 set port security 3/1-48 disable age 0 maximum
 set port broadcast  3/1-48  100.00%
 set port membership 3/1-48  static
 set port protocol 3/1-48 ip on
 set port protocol 3/1-48 ipx auto
 set port protocol 3/1-48 group auto
 set port flowcontrol3/1-48 send off
 set port flowcontrol3/1-48 receive off
 set cdp enable   3/1-48
 set udld disable 3/1-48
 set udld aggressive-mode disable 3/1-48
 
 Cat-OS version:
 
 cat6000-sup.6-3-9.bin
 
 
 
 Can you guide me, anything I am missing out.
 
 Thank you
 
 _
 Get 10mb of inbox space with MSN Hotmail Extra Storage 
 http://join.msn.com/?pgmarket=en-sg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70926t=70898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

dhcp packets not visible in 6509 [7:70898]

[Vik Vikky]

Hi *,

am fairly new to cisco products/ commands.

have a problem
got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get 
DHCP broadcast /address from the main dhcp server.
configured all the ports to respective vlan-x and at the routing module in a 
core switch (6509 with msfc) I hv given the ip helperaddress for this vlan.
rest of the catalyst 4006 switch fetches dhcp frm this scope.

Below is the module capabilities:

Type 10/100BaseTX
Speedauto,10,100
Duplex   half,full
Trunk encap type 802.1Q,ISL
Trunk mode   on,off,desirable,auto,nonegotiate
Channel  yes
Broadcast suppressionpercentage(0-100)
Flow control receive-(off,on),send-(off)
Security yes
Dot1xyes
Membership   static,dynamic
Fast start   yes
QOS scheduling   rx-(1q4t),tx-(2q2t)
CoS rewrite  yes
ToS rewrite  DSCP
UDLD yes
Inline power no
AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none
SPAN source,destination
COPS port group  3/1-48
Link debounce timer  yes


Module configuration:

set vlan 68   3/1-48
set port auxiliaryvlan 3/1-48 none
set port qos 3/1-48 trust-ext untrusted
set port qos 3/1-48 cos-ext 0
set port enable 3/1-48
set port speed  3/1-48  auto
set port trap   3/1-48  enable
set port name   3/1-48
set port dot1x 3/1-48 port-control force-autho
set port dot1x 3/1-48 multiple-host disable
set port dot1x 3/1-48 re-authentication disabl
set port security 3/1-48 disable age 0 maximum
set port broadcast  3/1-48  100.00%
set port membership 3/1-48  static
set port protocol 3/1-48 ip on
set port protocol 3/1-48 ipx auto
set port protocol 3/1-48 group auto
set port flowcontrol3/1-48 send off
set port flowcontrol3/1-48 receive off
set cdp enable   3/1-48
set udld disable 3/1-48
set udld aggressive-mode disable 3/1-48

Cat-OS version:

cat6000-sup.6-3-9.bin



Can you guide me, anything I am missing out.

Thank you

_
Get 10mb of inbox space with MSN Hotmail Extra Storage 
http://join.msn.com/?pgmarket=en-sg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70898t=70898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RES: dhcp packets not visible in 6509 [7:70898]

[Henrique Issamu Terada]

Did you enable spannint-tree portfast ? 
I'd use set port host instead , which includes STP portfast, aomong other
things . . . 

 _ 
 Henrique Issamu Terada, CCIE # 7460
 IT Support - Open Network
 CPM S.A. - Tecnologia criando valor 
 Tel.: 55 11 4196-0710
 Fax: 55 11 4196-0900
 [EMAIL PROTECTED]
 www.cpm.com.br
 --
 ---
 Esta mensagem pode conter informagco confidencial e/ou privilegiada.  Se
 vocj nco for o destinatario ou a pessoa autorizada a receber esta
 mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas
 ou tomar qualquer agco baseada nessas informagues.  Se vocj recebeu esta
 mensagem por engano, por favor avise imediatamente o remetente,
 respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. 
 
 This message may contain confidential and/or privileged information. If
 you are not the addressee or authorized to receive this for the addressee,
 you must not use, copy,  disclose or take any action based on this message
 or any information herein. If you have received this message in error,
 please advise the sender immediately by reply e-mail and delete this
 message. Thank you for your cooperation.
 
 
 -Mensagem original-
 De:   Vik Vikky [SMTP:[EMAIL PROTECTED]
 Enviada em:   quarta-feira, 18 de junho de 2003 22:14
 Para: [EMAIL PROTECTED]
 Assunto:  dhcp packets not visible in 6509 [7:70898]
 
 Hi *,
 
 am fairly new to cisco products/ commands.
 
 have a problem
 got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get 
 DHCP broadcast /address from the main dhcp server.
 configured all the ports to respective vlan-x and at the routing module in
 a 
 core switch (6509 with msfc) I hv given the ip helperaddress for this
 vlan.
 rest of the catalyst 4006 switch fetches dhcp frm this scope.
 
 Below is the module capabilities:
 
 Type 10/100BaseTX
 Speedauto,10,100
 Duplex   half,full
 Trunk encap type 802.1Q,ISL
 Trunk mode   on,off,desirable,auto,nonegotiate
 Channel  yes
 Broadcast suppressionpercentage(0-100)
 Flow control receive-(off,on),send-(off)
 Security yes
 Dot1xyes
 Membership   static,dynamic
 Fast start   yes
 QOS scheduling   rx-(1q4t),tx-(2q2t)
 CoS rewrite  yes
 ToS rewrite  DSCP
 UDLD yes
 Inline power no
 AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none
 SPAN source,destination
 COPS port group  3/1-48
 Link debounce timer  yes
 
 
 Module configuration:
 
 set vlan 68   3/1-48
 set port auxiliaryvlan 3/1-48 none
 set port qos 3/1-48 trust-ext untrusted
 set port qos 3/1-48 cos-ext 0
 set port enable 3/1-48
 set port speed  3/1-48  auto
 set port trap   3/1-48  enable
 set port name   3/1-48
 set port dot1x 3/1-48 port-control force-autho
 set port dot1x 3/1-48 multiple-host disable
 set port dot1x 3/1-48 re-authentication disabl
 set port security 3/1-48 disable age 0 maximum
 set port broadcast  3/1-48  100.00%
 set port membership 3/1-48  static
 set port protocol 3/1-48 ip on
 set port protocol 3/1-48 ipx auto
 set port protocol 3/1-48 group auto
 set port flowcontrol3/1-48 send off
 set port flowcontrol3/1-48 receive off
 set cdp enable   3/1-48
 set udld disable 3/1-48
 set udld aggressive-mode disable 3/1-48
 
 Cat-OS version:
 
 cat6000-sup.6-3-9.bin
 
 
 
 Can you guide me, anything I am missing out.
 
 Thank you
 
 _
 Get 10mb of inbox space with MSN Hotmail Extra Storage 
 http://join.msn.com/?pgmarket=en-sg
 Incoming mail is certified Virus Free.
 Checked by AVG anti-virus system (http://www.grisoft.com).
 Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003
  
 
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70902t=70898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: dhcp packets not visible in 6509 [7:70898]

[Ronnie Higginbotham]

you need to enable portfast.  Read about portfast.

Set spantree portfast enable ( I think this is the syntax I don't have a
6509 in front of me now.)


Vik Vikky  wrote in message
news:[EMAIL PROTECTED]
 Hi *,

 am fairly new to cisco products/ commands.

 have a problem
 got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get
 DHCP broadcast /address from the main dhcp server.
 configured all the ports to respective vlan-x and at the routing module in
a
 core switch (6509 with msfc) I hv given the ip helperaddress for this
vlan.
 rest of the catalyst 4006 switch fetches dhcp frm this scope.

 Below is the module capabilities:

 Type 10/100BaseTX
 Speedauto,10,100
 Duplex   half,full
 Trunk encap type 802.1Q,ISL
 Trunk mode   on,off,desirable,auto,nonegotiate
 Channel  yes
 Broadcast suppressionpercentage(0-100)
 Flow control receive-(off,on),send-(off)
 Security yes
 Dot1xyes
 Membership   static,dynamic
 Fast start   yes
 QOS scheduling   rx-(1q4t),tx-(2q2t)
 CoS rewrite  yes
 ToS rewrite  DSCP
 UDLD yes
 Inline power no
 AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none
 SPAN source,destination
 COPS port group  3/1-48
 Link debounce timer  yes


 Module configuration:

 set vlan 68   3/1-48
 set port auxiliaryvlan 3/1-48 none
 set port qos 3/1-48 trust-ext untrusted
 set port qos 3/1-48 cos-ext 0
 set port enable 3/1-48
 set port speed  3/1-48  auto
 set port trap   3/1-48  enable
 set port name   3/1-48
 set port dot1x 3/1-48 port-control force-autho
 set port dot1x 3/1-48 multiple-host disable
 set port dot1x 3/1-48 re-authentication disabl
 set port security 3/1-48 disable age 0 maximum
 set port broadcast  3/1-48  100.00%
 set port membership 3/1-48  static
 set port protocol 3/1-48 ip on
 set port protocol 3/1-48 ipx auto
 set port protocol 3/1-48 group auto
 set port flowcontrol3/1-48 send off
 set port flowcontrol3/1-48 receive off
 set cdp enable   3/1-48
 set udld disable 3/1-48
 set udld aggressive-mode disable 3/1-48

 Cat-OS version:

 cat6000-sup.6-3-9.bin



 Can you guide me, anything I am missing out.

 Thank you

 _
 Get 10mb of inbox space with MSN Hotmail Extra Storage
 http://join.msn.com/?pgmarket=en-sg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70903t=70898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Can't get a PIX 506 to get DHCP from Comcast Cable. [7:64209]

[H Howard Lewis Bloom]

I updated a PIX 506 with 6.2.2 and the lastest PDM.  I did the setup
through the PDM, setup PAT for the outside to inside interface, and
told it to use DHCP to acquire on the outside interface.

Comcast assigns IP addresses in the Philadelphia area according to the
MAC address, so if you change the network card or device attached to
the cable modem you'll get a different IP.

I turned the modem off, attached the Pix, turned on the modem, and
then fired up the PiX.  

The standard settings in the PDM  should work, but it isn't.

Has anyone had any luck getting the Pix to get dhcp from Comcast?

Howard Bloom
610-745-0115




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64209t=64209
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can't get a PIX 506 to get DHCP from Comcast Cable. [7:64211]

[Michael Gunnels]

Works fine for me...

ip address outside dhcp setroute
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0

Mike

--- H Howard Lewis Bloom 
wrote:
 I updated a PIX 506 with 6.2.2 and the lastest PDM. 
 I did the setup
 through the PDM, setup PAT for the outside to inside
 interface, and
 told it to use DHCP to acquire on the outside
 interface.
 
 Comcast assigns IP addresses in the Philadelphia
 area according to the
 MAC address, so if you change the network card or
 device attached to
 the cable modem you'll get a different IP.
 
 I turned the modem off, attached the Pix, turned on
 the modem, and
 then fired up the PiX.  
 
 The standard settings in the PDM  should work, but
 it isn't.
 
 Has anyone had any luck getting the Pix to get dhcp
 from Comcast?
 
 Howard Bloom
 610-745-0115
[EMAIL PROTECTED]


__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64211t=64211
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can't get a PIX 506 to get DHCP from Comcast C [7:64211]

[Shearer Jason]

Do you have any kind of access lists that are blocking private addresses
from the outside?  I had an issue with Time Warner sourcing their DHCP from
a 10dot address and I had an ACL on my 2600 blocking all private addresses. 
What are you getting on your syslog?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64215t=64211
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can't get a PIX 506 to get DHCP from Comcast Cable. [7:64222]

[eric nguyen]

if it doesn't work, try to do this mannually in configuration mode:
ip address outside dhcp setroute retry 5
You may have to do it several times for it to work.  I live in MD and my
cable modem
provider is comcast and it works.
 H Howard Lewis Bloom  wrote:I updated a PIX 506 with 6.2.2 and the lastest
PDM. I did the setup
through the PDM, setup PAT for the outside to inside interface, and
told it to use DHCP to acquire on the outside interface.

Comcast assigns IP addresses in the Philadelphia area according to the
MAC address, so if you change the network card or device attached to
the cable modem you'll get a different IP.

I turned the modem off, attached the Pix, turned on the modem, and
then fired up the PiX. 

The standard settings in the PDM should work, but it isn't.

Has anyone had any luck getting the Pix to get dhcp from Comcast?

Howard Bloom
610-745-0115
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, and more




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64222t=64222
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DHCP Relay [7:63625]

[Stuart Pittwood]

Hi all,



A simple DHCP question for you.



How do I configure the router (Cisco 1720) at our remote site to forward
DHCP requests back to our Windows 2000 DHCP server at the head office?



IOS Version is 12.0(3)T  both routers are identical



Cheers



Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63625t=63625
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP Relay [7:63625]

[M.C. van den Bovenkamp]

Stuart Pittwood wrote:

 How do I configure the router (Cisco 1720) at our remote site to forward
 DHCP requests back to our Windows 2000 DHCP server at the head office?

Look at 'ip helper-address'.

Regards,

Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63626t=63625
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DNS and DHCP question [7:63663]

[John McGinn]

Hi all,
A quick question. 803 router, 12.0(4) IOS.
Is it possible to acquire DNS server addresses dynamically from an ISP and
then distribute them via DHCP to a NATted LAN?  I can't seem to work out how
to do this.

John McGinn




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63663t=63663
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62947]

[Tunde Kalejaiye]

The problem was sorted with portfasta big thankyou to all that helped and
all that criticised




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62947t=62947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Tom Martin]

Tunde,

If configuring static IP addresses served as a temporary workaround, your
problem is DHCP.  Enabling Spanning Tree portfast on the ports to which
stations directly attach will fix your problem:

   set spantree portfast  enable

- Tom

On Fri, 07 Feb 2003 12:16:47 +, Tunde Kalejaiye wrote:

 hi all,
 
 we just upgraded our network to a switched, a catalyst 4006 to be
 exactsome users have been getting 'no domain server available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance
 
 Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62702t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Tom Martin]

Tunde,

If configuring static IP addresses served as a temporary workaround, your
problem is DHCP.  Enabling Spanning Tree portfast on the ports to which
stations directly attach will fix your problem:

   set spantree portfast  enable

- Tom

On Fri, 07 Feb 2003 12:16:47 +, Tunde Kalejaiye wrote:

 hi all,
 
 we just upgraded our network to a switched, a catalyst 4006 to be
 exactsome users have been getting 'no domain server available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance
 
 Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62695t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[tunde kalejaiye]

the problem is dhcp...the client doesnt get an ip address hence the no
domain controllererror message. i have enabled portfast on a few of the
ports and i am waiting to get results on mondayi will keep u posted.

regards,

Tunde


- Original Message -
From: Priscilla Oppenheimer 
To: 
Sent: Friday, February 07, 2003 11:22 PM
Subject: RE: Catalyst 4000 and DHCP [7:62632]


 Waters, Kristina wrote:
 
  I am curious as to whether anything else got upgraded besides
  the new
  switch. I got the impression that this wasn't a problem before
  the upgrade,
  in which case portfast could definitely be the culprit.
  However, you could
  also see this error if DNS is improperly configured in a win2k
  domain. Also,
  I'm not sure about this, but if the 4006 has a sup3 or sup4,
  could the
  problem be related to layer 3?

 Sure it could. He says all that he did was put a switch in, but there's a
 good chance he did more than that, but we may never know... Sigh. But a
new
 switch might imply that he also put in VLANs, a L3 module, etc.

 When people send in questions, it would be nice if they would send in
enough
 info so we could do more than guess. It would be nice if they would
provide
 a follow-up also and let us know what the problem really was and what
fixed
 it.

 Some people can't stand the out of the office messages.

 I can't stand the messages that ressemble someone calling their doctor on
 the phone and saying no more than, Hey doc, I'm tired. Why?

 Now, if you go to the doctor in person, this might be OK because then the
 doctor can examine you. Here the analogy falls apart. We can't examine
 someone else's network. However, the wise poster will communicate info to
us
 about their examination of their network to help us help them. (This isn't
 targetted at the original poster specifically, who did supply at least
some
 info.)

 Troubleshooting should be done systematically. It's not a guessing game.

 Hope we learn more about what the issue was! It could be educational for
 many of us.

 Priscilla

 
  Kris
 
 
 
  -Original Message-
  From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
  Sent: Friday, February 07, 2003 1:24 PM
  To: [EMAIL PROTECTED]
  Subject: RE: Catalyst 4000 and DHCP [7:62632]
 
 
  Tunde Kalejaiye wrote:
  
   hi all,
  
   we just upgraded our network to a switched, a catalyst 4006
  to be
   exactsome users have been getting 'no domain server
   available '
   error message. they usually have to try more than 4 - 6 times
  to
   successfully log on to the network.
   has anybody come across this problem before? what work around
   did u use
   besides configuring static ip addresses?
   thanks for your response(s) in advance
 
  Your message title implies that there's a problem with DHCP,
  but then your
  message text implies that the problem is with Windows
  networking,
  specifically a client trying to reach the domain controller? (I
  assume you
  mean the Windows type domain server and not the IP Domain Name
  System.)
 
  So, verify for yourself and us that DHCP is working first. If
  the failure is
  with DHCP, try the stuff other folks recommended. Enable
  portfast so that
  the clients can start receiving replies to their DHCP request
  ASAP. Also,
  you may need a helper address, depending on where your DHCP
  server is
  located. Feel free to send us more info about your topology and
  configuration.
 
  Then, you have to get Winblows working. I did have all sorts of
  problems
  getting this to work with a consulting client who had upgraded
  to VLANs.
  Unfortunately, he fixed the problems in the end without my
  help, so I don't
  know the details, one of the frustrating things about being a
  consulant. (A
  lot of help that is. ;-) But you could look through some Group
  Study
  messages from about a month ago. A bunch of folks had ideas to
  help. I think
  the title of the thread was something about Windows Networking.
 
  Here's one message that a wise person on the list sent' I've
  forgotten who,
  sorry.
 
  Simplest solution is to put a WINS Server on the Subnet that
  can't find the
  DC. Configure it to replicate with the DC on the other Subnet,
  or Statically
  configure the Domain Name entry for the NT Domain on the WINS
  Server in the
  troubled subnet. Your DC Not Found issue should be resolved
  then.
 
  More Administratively intensive solution is to modify the
  LMHOSTS file to
  have the following entry on every Windows Workstation/Server in
  the troubled
  subnet.
 
  IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name
 
 
  Microsoft has tons of documentation on this sort of thing.
 
  Keep us posted! Thanks,
 
  Priscilla
 
 
  
   Tunde
  **
  This email and any files transmitted with it are confidential
  and
  intended solely for the use of the individual or entity to whom
  they
  are addressed. If you have received this email in error

Re: Catalyst 4000 and DHCP [7:62632]

[Priscilla Oppenheimer]

tunde  kalejaiye wrote:
 
 the problem is dhcp...the client doesnt get an ip address hence
 the no
 domain controllererror message. i have enabled portfast on
 a few of the
 ports and i am waiting to get results on mondayi will keep
 u posted.
 
 regards,
 

Thanks for getting back to us. This is how Group Study should work! I guess
I shouldn't have gone off on a tangent with some guesses about something
other than this obvious thing being wrong. :-) Sometimes when we have
information about only one symptom, the obvious hypothesis is right. Often
that's not the case, though, and more info should be gathered.

Probably the client ends up with an address from the Microsoft Automatic
Private IP Addressing scheme, 169.254.0.1 through 169.254.255.254. Depending
on the OS, a lot of machines choose for themselves one of these addresses if
set to receive an address dynamically and DHCP fails. That would have been
the additional clue that would have helped solidify a good hypotheses.

Thanks to everyone who participated.

Do keep us posted! Thanks!

Priscilla

 Tunde
 
 
 - Original Message -
 From: Priscilla Oppenheimer 
 To: 
 Sent: Friday, February 07, 2003 11:22 PM
 Subject: RE: Catalyst 4000 and DHCP [7:62632]
 
 
  Waters, Kristina wrote:
  
   I am curious as to whether anything else got upgraded
 besides
   the new
   switch. I got the impression that this wasn't a problem
 before
   the upgrade,
   in which case portfast could definitely be the culprit.
   However, you could
   also see this error if DNS is improperly configured in a
 win2k
   domain. Also,
   I'm not sure about this, but if the 4006 has a sup3 or sup4,
   could the
   problem be related to layer 3?
 
  Sure it could. He says all that he did was put a switch in,
 but there's a
  good chance he did more than that, but we may never know...
 Sigh. But a
 new
  switch might imply that he also put in VLANs, a L3 module,
 etc.
 
  When people send in questions, it would be nice if they would
 send in
 enough
  info so we could do more than guess. It would be nice if they
 would
 provide
  a follow-up also and let us know what the problem really was
 and what
 fixed
  it.
 
  Some people can't stand the out of the office messages.
 
  I can't stand the messages that ressemble someone calling
 their doctor on
  the phone and saying no more than, Hey doc, I'm tired. Why?
 
  Now, if you go to the doctor in person, this might be OK
 because then the
  doctor can examine you. Here the analogy falls apart. We
 can't examine
  someone else's network. However, the wise poster will
 communicate info to
 us
  about their examination of their network to help us help
 them. (This isn't
  targetted at the original poster specifically, who did supply
 at least
 some
  info.)
 
  Troubleshooting should be done systematically. It's not a
 guessing game.
 
  Hope we learn more about what the issue was! It could be
 educational for
  many of us.
 
  Priscilla
 
  
   Kris
  
  
  
   -Original Message-
   From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
   Sent: Friday, February 07, 2003 1:24 PM
   To: [EMAIL PROTECTED]
   Subject: RE: Catalyst 4000 and DHCP [7:62632]
  
  
   Tunde Kalejaiye wrote:
   
hi all,
   
we just upgraded our network to a switched, a catalyst
 4006
   to be
exactsome users have been getting 'no domain server
available '
error message. they usually have to try more than 4 - 6
 times
   to
successfully log on to the network.
has anybody come across this problem before? what work
 around
did u use
besides configuring static ip addresses?
thanks for your response(s) in advance
  
   Your message title implies that there's a problem with DHCP,
   but then your
   message text implies that the problem is with Windows
   networking,
   specifically a client trying to reach the domain
 controller? (I
   assume you
   mean the Windows type domain server and not the IP Domain
 Name
   System.)
  
   So, verify for yourself and us that DHCP is working first.
 If
   the failure is
   with DHCP, try the stuff other folks recommended. Enable
   portfast so that
   the clients can start receiving replies to their DHCP
 request
   ASAP. Also,
   you may need a helper address, depending on where your DHCP
   server is
   located. Feel free to send us more info about your topology
 and
   configuration.
  
   Then, you have to get Winblows working. I did have all
 sorts of
   problems
   getting this to work with a consulting client who had
 upgraded
   to VLANs.
   Unfortunately, he fixed the problems in the end without my
   help, so I don't
   know the details, one of the frustrating things about being
 a
   consulant. (A
   lot of help that is. ;-) But you could look through some
 Group
   Study
   messages from about a month ago. A bunch of folks had ideas
 to
   help. I think
   the title of the thread was something about Windows
 Networking.
  
   Here's one message

Re: Catalyst 4000 and DHCP [7:62632]

[Priscilla Oppenheimer]

Larry Letterman wrote:
 
 Hi Priscilla,
 
 I am reading your book that you sent me..why?
 
 :) need more info ?

Yes, do tell! :-) Thanks.

Priscilla

 
 Larry Letterman
 Network Engineer
 Cisco Systems
 
 
 - Original Message -
 From: Priscilla Oppenheimer 
 To: 
 Sent: Friday, February 07, 2003 3:22 PM
 Subject: RE: Catalyst 4000 and DHCP [7:62632]
 
 
  Waters, Kristina wrote:
  
   I am curious as to whether anything else got upgraded
 besides
   the new
   switch. I got the impression that this wasn't a problem
 before
   the upgrade,
   in which case portfast could definitely be the culprit.
   However, you could
   also see this error if DNS is improperly configured in a
 win2k
   domain. Also,
   I'm not sure about this, but if the 4006 has a sup3 or
 sup4,
   could the
   problem be related to layer 3?
 
  Sure it could. He says all that he did was put a switch
 in, but there's a
  good chance he did more than that, but we may never
 know... Sigh. But a new
  switch might imply that he also put in VLANs, a L3 module,
 etc.
 
  When people send in questions, it would be nice if they
 would send in enough
  info so we could do more than guess. It would be nice if
 they would provide
  a follow-up also and let us know what the problem really
 was and what fixed
  it.
 
  Some people can't stand the out of the office messages.
 
  I can't stand the messages that ressemble someone calling
 their doctor on
  the phone and saying no more than, Hey doc, I'm tired.
 Why?
 
  Now, if you go to the doctor in person, this might be OK
 because then the
  doctor can examine you. Here the analogy falls apart. We
 can't examine
  someone else's network. However, the wise poster will
 communicate info to us
  about their examination of their network to help us help
 them. (This isn't
  targetted at the original poster specifically, who did
 supply at least some
  info.)
 
  Troubleshooting should be done systematically. It's not a
 guessing game.
 
  Hope we learn more about what the issue was! It could be
 educational for
  many of us.
 
  Priscilla
 
  
   Kris
  
  
  
   -Original Message-
   From: Priscilla Oppenheimer
 [mailto:[EMAIL PROTECTED]]
   Sent: Friday, February 07, 2003 1:24 PM
   To: [EMAIL PROTECTED]
   Subject: RE: Catalyst 4000 and DHCP [7:62632]
  
  
   Tunde Kalejaiye wrote:
   
hi all,
   
we just upgraded our network to a switched, a catalyst
 4006
   to be
exactsome users have been getting 'no domain
 server
available '
error message. they usually have to try more than 4 -
 6 times
   to
successfully log on to the network.
has anybody come across this problem before? what work
 around
did u use
besides configuring static ip addresses?
thanks for your response(s) in advance
  
   Your message title implies that there's a problem with
 DHCP,
   but then your
   message text implies that the problem is with Windows
   networking,
   specifically a client trying to reach the domain
 controller? (I
   assume you
   mean the Windows type domain server and not the IP
 Domain Name
   System.)
  
   So, verify for yourself and us that DHCP is working
 first. If
   the failure is
   with DHCP, try the stuff other folks recommended. Enable
   portfast so that
   the clients can start receiving replies to their DHCP
 request
   ASAP. Also,
   you may need a helper address, depending on where your
 DHCP
   server is
   located. Feel free to send us more info about your
 topology and
   configuration.
  
   Then, you have to get Winblows working. I did have all
 sorts of
   problems
   getting this to work with a consulting client who had
 upgraded
   to VLANs.
   Unfortunately, he fixed the problems in the end without
 my
   help, so I don't
   know the details, one of the frustrating things about
 being a
   consulant. (A
   lot of help that is. ;-) But you could look through some
 Group
   Study
   messages from about a month ago. A bunch of folks had
 ideas to
   help. I think
   the title of the thread was something about Windows
 Networking.
  
   Here's one message that a wise person on the list sent'
 I've
   forgotten who,
   sorry.
  
   Simplest solution is to put a WINS Server on the Subnet
 that
   can't find the
   DC. Configure it to replicate with the DC on the other
 Subnet,
   or Statically
   configure the Domain Name entry for the NT Domain on the
 WINS
   Server in the
   troubled subnet. Your DC Not Found issue should be
 resolved
   then.
  
   More Administratively intensive solution is to modify
 the
   LMHOSTS file to
   have the following entry on every Windows
 Workstation/Server in
   the troubled
   subnet.
  
   IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name
  
  
   Microsoft has tons of documentation on this sort of
 thing.
  
   Keep us posted! Thanks,
  
   Priscilla
  
  
   
Tunde
  
 
 **
   This email and any files transmitted

Re: Catalyst 4000 and DHCP [7:62632]

[Larry Letterman]

Hi Priscilla,

I am reading your book that you sent me..why?

:) need more info ?

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Priscilla Oppenheimer 
To: 
Sent: Friday, February 07, 2003 3:22 PM
Subject: RE: Catalyst 4000 and DHCP [7:62632]


 Waters, Kristina wrote:
 
  I am curious as to whether anything else got upgraded
besides
  the new
  switch. I got the impression that this wasn't a problem
before
  the upgrade,
  in which case portfast could definitely be the culprit.
  However, you could
  also see this error if DNS is improperly configured in a
win2k
  domain. Also,
  I'm not sure about this, but if the 4006 has a sup3 or
sup4,
  could the
  problem be related to layer 3?

 Sure it could. He says all that he did was put a switch
in, but there's a
 good chance he did more than that, but we may never
know... Sigh. But a new
 switch might imply that he also put in VLANs, a L3 module,
etc.

 When people send in questions, it would be nice if they
would send in enough
 info so we could do more than guess. It would be nice if
they would provide
 a follow-up also and let us know what the problem really
was and what fixed
 it.

 Some people can't stand the out of the office messages.

 I can't stand the messages that ressemble someone calling
their doctor on
 the phone and saying no more than, Hey doc, I'm tired.
Why?

 Now, if you go to the doctor in person, this might be OK
because then the
 doctor can examine you. Here the analogy falls apart. We
can't examine
 someone else's network. However, the wise poster will
communicate info to us
 about their examination of their network to help us help
them. (This isn't
 targetted at the original poster specifically, who did
supply at least some
 info.)

 Troubleshooting should be done systematically. It's not a
guessing game.

 Hope we learn more about what the issue was! It could be
educational for
 many of us.

 Priscilla

 
  Kris
 
 
 
  -Original Message-
  From: Priscilla Oppenheimer
[mailto:[EMAIL PROTECTED]]
  Sent: Friday, February 07, 2003 1:24 PM
  To: [EMAIL PROTECTED]
  Subject: RE: Catalyst 4000 and DHCP [7:62632]
 
 
  Tunde Kalejaiye wrote:
  
   hi all,
  
   we just upgraded our network to a switched, a catalyst
4006
  to be
   exactsome users have been getting 'no domain
server
   available '
   error message. they usually have to try more than 4 -
6 times
  to
   successfully log on to the network.
   has anybody come across this problem before? what work
around
   did u use
   besides configuring static ip addresses?
   thanks for your response(s) in advance
 
  Your message title implies that there's a problem with
DHCP,
  but then your
  message text implies that the problem is with Windows
  networking,
  specifically a client trying to reach the domain
controller? (I
  assume you
  mean the Windows type domain server and not the IP
Domain Name
  System.)
 
  So, verify for yourself and us that DHCP is working
first. If
  the failure is
  with DHCP, try the stuff other folks recommended. Enable
  portfast so that
  the clients can start receiving replies to their DHCP
request
  ASAP. Also,
  you may need a helper address, depending on where your
DHCP
  server is
  located. Feel free to send us more info about your
topology and
  configuration.
 
  Then, you have to get Winblows working. I did have all
sorts of
  problems
  getting this to work with a consulting client who had
upgraded
  to VLANs.
  Unfortunately, he fixed the problems in the end without
my
  help, so I don't
  know the details, one of the frustrating things about
being a
  consulant. (A
  lot of help that is. ;-) But you could look through some
Group
  Study
  messages from about a month ago. A bunch of folks had
ideas to
  help. I think
  the title of the thread was something about Windows
Networking.
 
  Here's one message that a wise person on the list sent'
I've
  forgotten who,
  sorry.
 
  Simplest solution is to put a WINS Server on the Subnet
that
  can't find the
  DC. Configure it to replicate with the DC on the other
Subnet,
  or Statically
  configure the Domain Name entry for the NT Domain on the
WINS
  Server in the
  troubled subnet. Your DC Not Found issue should be
resolved
  then.
 
  More Administratively intensive solution is to modify
the
  LMHOSTS file to
  have the following entry on every Windows
Workstation/Server in
  the troubled
  subnet.
 
  IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name
 
 
  Microsoft has tons of documentation on this sort of
thing.
 
  Keep us posted! Thanks,
 
  Priscilla
 
 
  
   Tunde
 

**
  This email and any files transmitted with it are
confidential
  and
  intended solely for the use of the individual or entity
to whom
  they
  are addressed. If you have received this email in error
please
  notify
  the sender by email, delete and destroy this message and
its
  attachments

Catalyst 4000 and DHCP [7:62632]

[Tunde Kalejaiye]

hi all,

we just upgraded our network to a switched, a catalyst 4006 to be
exactsome users have been getting 'no domain server available '
error message. they usually have to try more than 4 - 6 times to
successfully log on to the network.
has anybody come across this problem before? what work around did u use
besides configuring static ip addresses?
thanks for your response(s) in advance

Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62632t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Ronnie Higginbotham]

Make sure you turn on portfast for workstation ports.

set spantree portfast enable 

This will cause the port to start forwarding in 5 seconds as apposed to 50.

Ronnie
Tunde Kalejaiye  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 hi all,

 we just upgraded our network to a switched, a catalyst 4006 to be
 exactsome users have been getting 'no domain server available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance

 Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62633t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 4000 and DHCP [7:62632]

[Waters, Kristina]

Do yo have portfast enabled on all end user ports?

Kris



-Original Message-
From: Tunde Kalejaiye [mailto:[EMAIL PROTECTED]] 
Sent: Friday, February 07, 2003 7:17 AM
To: [EMAIL PROTECTED]
Subject: Catalyst 4000 and DHCP [7:62632]


hi all,

we just upgraded our network to a switched, a catalyst 4006 to be
exactsome users have been getting 'no domain server available '
error message. they usually have to try more than 4 - 6 times to
successfully log on to the network. has anybody come across this problem
before? what work around did u use besides configuring static ip addresses?
thanks for your response(s) in advance

Tunde
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender by email, delete and destroy this message and its 
attachments.
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62634t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62652]

[Larry Letterman]

is port fast on ?
are ip helpers turned on the gateways?
are you using wins servers or AD ?

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Tunde Kalejaiye 
To: Larry Letterman ;

Sent: Friday, February 07, 2003 4:14 AM
Subject: Catalyst 4000 and DHCP


 hi all,

 we just upgraded our network to a switched, a catalyst
4006 to be
 exactsome users have been getting 'no domain server
available '
 error message. they usually have to try more than 4 - 6
times to
 successfully log on to the network.
 has anybody come across this problem before? what work
around did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance

 Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62652t=62652
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 4000 and DHCP [7:62632]

[Priscilla Oppenheimer]

Tunde Kalejaiye wrote:
 
 hi all,
 
 we just upgraded our network to a switched, a catalyst 4006 to
 be
 exactsome users have been getting 'no domain server
 available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around
 did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance

Your message title implies that there's a problem with DHCP, but then your
message text implies that the problem is with Windows networking,
specifically a client trying to reach the domain controller? (I assume you
mean the Windows type domain server and not the IP Domain Name System.)

So, verify for yourself and us that DHCP is working first. If the failure is
with DHCP, try the stuff other folks recommended. Enable portfast so that
the clients can start receiving replies to their DHCP request ASAP. Also,
you may need a helper address, depending on where your DHCP server is
located. Feel free to send us more info about your topology and configuration.

Then, you have to get Winblows working. I did have all sorts of problems
getting this to work with a consulting client who had upgraded to VLANs.
Unfortunately, he fixed the problems in the end without my help, so I don't
know the details, one of the frustrating things about being a consulant. (A
lot of help that is. ;-) But you could look through some Group Study
messages from about a month ago. A bunch of folks had ideas to help. I think
the title of the thread was something about Windows Networking.

Here's one message that a wise person on the list sent' I've forgotten who,
sorry.

Simplest solution is to put a WINS Server on the Subnet that can't find
the DC. Configure it to replicate with the DC on the other Subnet, or
Statically configure the Domain Name entry for the NT Domain on the WINS
Server in the troubled subnet. Your DC Not Found issue should be
resolved then.

More Administratively intensive solution is to modify the LMHOSTS file
to have the following entry on every Windows Workstation/Server in the
troubled subnet.

IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name


Microsoft has tons of documentation on this sort of thing.

Keep us posted! Thanks,

Priscilla


 
 Tunde
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62653t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 4000 and DHCP [7:62632]

[Waters, Kristina]

I am curious as to whether anything else got upgraded besides the new
switch. I got the impression that this wasn't a problem before the upgrade,
in which case portfast could definitely be the culprit. However, you could
also see this error if DNS is improperly configured in a win2k domain. Also,
I'm not sure about this, but if the 4006 has a sup3 or sup4, could the
problem be related to layer 3?

Kris



-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
Sent: Friday, February 07, 2003 1:24 PM
To: [EMAIL PROTECTED]
Subject: RE: Catalyst 4000 and DHCP [7:62632]


Tunde Kalejaiye wrote:
 
 hi all,
 
 we just upgraded our network to a switched, a catalyst 4006 to be
 exactsome users have been getting 'no domain server
 available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around
 did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance

Your message title implies that there's a problem with DHCP, but then your
message text implies that the problem is with Windows networking,
specifically a client trying to reach the domain controller? (I assume you
mean the Windows type domain server and not the IP Domain Name System.)

So, verify for yourself and us that DHCP is working first. If the failure is
with DHCP, try the stuff other folks recommended. Enable portfast so that
the clients can start receiving replies to their DHCP request ASAP. Also,
you may need a helper address, depending on where your DHCP server is
located. Feel free to send us more info about your topology and
configuration.

Then, you have to get Winblows working. I did have all sorts of problems
getting this to work with a consulting client who had upgraded to VLANs.
Unfortunately, he fixed the problems in the end without my help, so I don't
know the details, one of the frustrating things about being a consulant. (A
lot of help that is. ;-) But you could look through some Group Study
messages from about a month ago. A bunch of folks had ideas to help. I think
the title of the thread was something about Windows Networking.

Here's one message that a wise person on the list sent' I've forgotten who,
sorry.

Simplest solution is to put a WINS Server on the Subnet that can't find the
DC. Configure it to replicate with the DC on the other Subnet, or Statically
configure the Domain Name entry for the NT Domain on the WINS Server in the
troubled subnet. Your DC Not Found issue should be resolved then.

More Administratively intensive solution is to modify the LMHOSTS file to
have the following entry on every Windows Workstation/Server in the troubled
subnet.

IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name


Microsoft has tons of documentation on this sort of thing.

Keep us posted! Thanks,

Priscilla


 
 Tunde
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender by email, delete and destroy this message and its 
attachments.
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62662t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Larry Letterman]

I suppose its possible to have a L3 issue, but if the L3
card is setup for the
Vlan interfaces and routing properly, and the appropriate
helpers are in place
on the L3 interface, the 4006 should work. Usually this
issue is a result of the STP
50 second forward time on the L2 port.

Larry Letterman
Network Engineer
Cisco Systems


- Original Message -
From: Waters, Kristina 
To: 
Sent: Friday, February 07, 2003 11:58 AM
Subject: RE: Catalyst 4000 and DHCP [7:62632]


 I am curious as to whether anything else got upgraded
besides the new
 switch. I got the impression that this wasn't a problem
before the upgrade,
 in which case portfast could definitely be the culprit.
However, you could
 also see this error if DNS is improperly configured in a
win2k domain. Also,
 I'm not sure about this, but if the 4006 has a sup3 or
sup4, could the
 problem be related to layer 3?

 Kris



 -Original Message-
 From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
 Sent: Friday, February 07, 2003 1:24 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Catalyst 4000 and DHCP [7:62632]


 Tunde Kalejaiye wrote:
 
  hi all,
 
  we just upgraded our network to a switched, a catalyst
4006 to be
  exactsome users have been getting 'no domain server
  available '
  error message. they usually have to try more than 4 - 6
times to
  successfully log on to the network.
  has anybody come across this problem before? what work
around
  did u use
  besides configuring static ip addresses?
  thanks for your response(s) in advance

 Your message title implies that there's a problem with
DHCP, but then your
 message text implies that the problem is with Windows
networking,
 specifically a client trying to reach the domain
controller? (I assume you
 mean the Windows type domain server and not the IP Domain
Name System.)

 So, verify for yourself and us that DHCP is working first.
If the failure is
 with DHCP, try the stuff other folks recommended. Enable
portfast so that
 the clients can start receiving replies to their DHCP
request ASAP. Also,
 you may need a helper address, depending on where your
DHCP server is
 located. Feel free to send us more info about your
topology and
 configuration.

 Then, you have to get Winblows working. I did have all
sorts of problems
 getting this to work with a consulting client who had
upgraded to VLANs.
 Unfortunately, he fixed the problems in the end without my
help, so I don't
 know the details, one of the frustrating things about
being a consulant. (A
 lot of help that is. ;-) But you could look through some
Group Study
 messages from about a month ago. A bunch of folks had
ideas to help. I think
 the title of the thread was something about Windows
Networking.

 Here's one message that a wise person on the list sent'
I've forgotten who,
 sorry.

 Simplest solution is to put a WINS Server on the Subnet
that can't find the
 DC. Configure it to replicate with the DC on the other
Subnet, or Statically
 configure the Domain Name entry for the NT Domain on the
WINS Server in the
 troubled subnet. Your DC Not Found issue should be
resolved then.

 More Administratively intensive solution is to modify the
LMHOSTS file to
 have the following entry on every Windows
Workstation/Server in the troubled
 subnet.

 IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name


 Microsoft has tons of documentation on this sort of thing.

 Keep us posted! Thanks,

 Priscilla


 
  Tunde


**
 This email and any files transmitted with it are
confidential and
 intended solely for the use of the individual or entity to
whom they
 are addressed. If you have received this email in error
please notify
 the sender by email, delete and destroy this message and
its
 attachments.


**
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62668t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Karen E Young]

Tunde,

It sounds like your users are getting blocked by spanning tree on bootup.
Since the switch is spending ~50 seconds running spanning-tree before it
forwards any data, the DHCP requests aren't even getting through.

PortFast bypasses the usual spanning tree thing. It allows the port to
forward data almost as soon as its initialized. It a good idea to only use
portfast on a port to has an end node like a PC, server, or printer.

If your switch uses CatOS 7.1 or Native IOS 12.1(11)EX then it implements
Rapid spanning tree (802.1w) which shortens the time spent learning the
network before forwarding. You still need to use the portfast keyword to
configure the port as an edge port though. Here's a link about it:
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml

Hope this helps.
Karen


*** REPLY SEPARATOR  ***

On 2/7/2003 at 12:16 PM Tunde Kalejaiye wrote:

hi all,

we just upgraded our network to a switched, a catalyst 4006 to be
exactsome users have been getting 'no domain server available '
error message. they usually have to try more than 4 - 6 times to
successfully log on to the network.
has anybody come across this problem before? what work around did u use
besides configuring static ip addresses?
thanks for your response(s) in advance

Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62677t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 4000 and DHCP [7:62632]

[Priscilla Oppenheimer]

Waters, Kristina wrote:
 
 I am curious as to whether anything else got upgraded besides
 the new
 switch. I got the impression that this wasn't a problem before
 the upgrade,
 in which case portfast could definitely be the culprit.
 However, you could
 also see this error if DNS is improperly configured in a win2k
 domain. Also,
 I'm not sure about this, but if the 4006 has a sup3 or sup4,
 could the
 problem be related to layer 3?

Sure it could. He says all that he did was put a switch in, but there's a
good chance he did more than that, but we may never know... Sigh. But a new
switch might imply that he also put in VLANs, a L3 module, etc.

When people send in questions, it would be nice if they would send in enough
info so we could do more than guess. It would be nice if they would provide
a follow-up also and let us know what the problem really was and what fixed
it.

Some people can't stand the out of the office messages.

I can't stand the messages that ressemble someone calling their doctor on
the phone and saying no more than, Hey doc, I'm tired. Why?

Now, if you go to the doctor in person, this might be OK because then the
doctor can examine you. Here the analogy falls apart. We can't examine
someone else's network. However, the wise poster will communicate info to us
about their examination of their network to help us help them. (This isn't
targetted at the original poster specifically, who did supply at least some
info.)

Troubleshooting should be done systematically. It's not a guessing game.

Hope we learn more about what the issue was! It could be educational for
many of us.

Priscilla

 
 Kris
 
 
 
 -Original Message-
 From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
 Sent: Friday, February 07, 2003 1:24 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Catalyst 4000 and DHCP [7:62632]
 
 
 Tunde Kalejaiye wrote:
  
  hi all,
  
  we just upgraded our network to a switched, a catalyst 4006
 to be
  exactsome users have been getting 'no domain server
  available '
  error message. they usually have to try more than 4 - 6 times
 to
  successfully log on to the network.
  has anybody come across this problem before? what work around
  did u use
  besides configuring static ip addresses?
  thanks for your response(s) in advance
 
 Your message title implies that there's a problem with DHCP,
 but then your
 message text implies that the problem is with Windows
 networking,
 specifically a client trying to reach the domain controller? (I
 assume you
 mean the Windows type domain server and not the IP Domain Name
 System.)
 
 So, verify for yourself and us that DHCP is working first. If
 the failure is
 with DHCP, try the stuff other folks recommended. Enable
 portfast so that
 the clients can start receiving replies to their DHCP request
 ASAP. Also,
 you may need a helper address, depending on where your DHCP
 server is
 located. Feel free to send us more info about your topology and
 configuration.
 
 Then, you have to get Winblows working. I did have all sorts of
 problems
 getting this to work with a consulting client who had upgraded
 to VLANs.
 Unfortunately, he fixed the problems in the end without my
 help, so I don't
 know the details, one of the frustrating things about being a
 consulant. (A
 lot of help that is. ;-) But you could look through some Group
 Study
 messages from about a month ago. A bunch of folks had ideas to
 help. I think
 the title of the thread was something about Windows Networking.
 
 Here's one message that a wise person on the list sent' I've
 forgotten who,
 sorry.
 
 Simplest solution is to put a WINS Server on the Subnet that
 can't find the
 DC. Configure it to replicate with the DC on the other Subnet,
 or Statically
 configure the Domain Name entry for the NT Domain on the WINS
 Server in the
 troubled subnet. Your DC Not Found issue should be resolved
 then.
 
 More Administratively intensive solution is to modify the
 LMHOSTS file to
 have the following entry on every Windows Workstation/Server in
 the troubled
 subnet.
 
 IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name
 
 
 Microsoft has tons of documentation on this sort of thing.
 
 Keep us posted! Thanks,
 
 Priscilla
 
 
  
  Tunde
 **
 This email and any files transmitted with it are confidential
 and
 intended solely for the use of the individual or entity to whom
 they
 are addressed. If you have received this email in error please
 notify
 the sender by email, delete and destroy this message and its 
 attachments.
 **
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62678t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP Relay on cisco 3002 [7:61486]

[Randy Rodriguez]

Cog -

DHCP relay is not yet supported on the 3002 Cisco VPN product line. Had a
customer that wanted to do that  instead we had to utilize the the
internal pool to provide addresses.

Regards,
Randy

On Tue, 21 Jan 2003 20:09:47 GMT cog  writes:
 I have a 3002 at a remote site in Network Extension Mode. I need to 
 have
 clients get IP addresses from a centralized DHCP server at Corporate 
 via a
 broadcast from the client thru the tunnel to the server. Does the 
 3002 allow
 me to add a helper?
 
 
 s vermill  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  cog wrote:
  
   Anyone have a way to get DHCP relay working on Cisco 3002?
  
  
 
  What's the problem?  And what IOS?
 [EMAIL PROTECTED]
 
 


Sign Up for Juno Platinum Internet Access Today
Only $9.95 per month!
Visit www.juno.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61645t=61486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DHCP Relay on cisco 3002 [7:61486]

[cog]

Anyone have a way to get DHCP relay working on Cisco 3002?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61486t=61486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: DHCP Relay on cisco 3002 [7:61486]

[s vermill]

cog wrote:
 
 Anyone have a way to get DHCP relay working on Cisco 3002?
 
 

What's the problem?  And what IOS?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61490t=61486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP Relay on cisco 3002 [7:61486]

[cog]

I have a 3002 at a remote site in Network Extension Mode. I need to have
clients get IP addresses from a centralized DHCP server at Corporate via a
broadcast from the client thru the tunnel to the server. Does the 3002 allow
me to add a helper?


s vermill  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 cog wrote:
 
  Anyone have a way to get DHCP relay working on Cisco 3002?
 
 

 What's the problem?  And what IOS?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61493t=61486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP Relay on cisco 3002 [7:61486]

[cog]

I have this in the config file, Anyone know what to set these as? The DHCP
server? The Private IP of the 3002? Cisco, are you there?

[dhcp_server]
enable=1
LeaseTimeout=120
Relay=2
RelayAddr=0.0.0.0
RelayMask=0.0.0.0
IntMSHack=1

cog  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Anyone have a way to get DHCP relay working on Cisco 3002?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61491t=61486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP Relay on cisco 3002 [7:61486]

[s vermill]

cog wrote:
 
 I have a 3002 at a remote site in Network Extension Mode. I
 need to have
 clients get IP addresses from a centralized DHCP server at
 Corporate via a
 broadcast from the client thru the tunnel to the server. Does
 the 3002 allow
 me to add a helper?
 

I should have looked at your model number more closely before chiming in. 
Don't know much about Ciscos VPN line.  But a quick search on CCO did bring
up something about DHCP Intercept.  Unfortunately, nothing about how to
set it up.  Do you have the product literature?  Check for DHCP Intercept in
the index if you do.  Sorry for not being much help.  I was just looking at
the 3700 series for a new project and had that on the brain when I read
3002.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61536t=61486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX DHCP problem [7:60893]

[Richard Deal]

To all,

Use the show route command to see if you received the default route. One
configuration mistake that you might have made with the ip address command
is omitting the optional setroute parameter at the end. This parameter
accepts and uses the default route received from the ISP. The command should
look like this:
 ip address outside dhcp setroute

Also, remember that if you are pinging THROUGH the PIX from the inside
interface, you must have an ACL on the outside interface allowing the
returning ICMP traffic: ICMP traffic is NOT stateful in the PIX.

You can also use the following debug command to help troubleshoot (assuming
you have 6.2):
 [no] debug dhcpc detail|error|packet

Hope this helps!

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



supernet  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I have a PIX 506 and would like to use it for my home office. My ISP
 assigns dynamic IP to me. I can see my PIX 506 got the IP address but I
 can't ping anywhere. I don't know if it gets default gateway. How do I
 verify? Thanks. Yoshi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60917t=60893
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX DHCP problem [7:60893]

[supernet]

I have a PIX 506 and would like to use it for my home office. My ISP
assigns dynamic IP to me. I can see my PIX 506 got the IP address but I
can't ping anywhere. I don't know if it gets default gateway. How do I
verify? Thanks. Yoshi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60893t=60893
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RE: campus LAN Design w/DHCP Server [7:59724]

[Priscilla Oppenheimer]

Thanks Scott! It does bode well, despite the weird Dest Unreachable (Port
Unreachable) from the server.

Thanks again.

Priscilla

s vermill wrote:
 
 Priscilla,
 
 Well, it’s been an interesting project.  Unfortunately, the
 DHCP server app that I wound up trying (Vicomsoft) was so buggy
 that I couldn’t keep it from crashing.  Even when it was
 running, it was highly, highly unstable.  Granted, it was a
 demo, but I would think a demo would have basic functionality.
 
 Furthermore, I couldn’t get into the console port of the
 2900XL.  Tried everything.  The darned port is fried.
 
 So…here is what I came up with:
 
 
2621
 |
 |   |
  Foundry Networks switch
   |  |
   |  |
|  |
   DHCP Serv  DHCP Client
 
 
 The 2621, with 64M of memory and 8M of flash, is running
 12.1-18 IP Plus.  I don’t know much about the Foundry switch. 
 It was straight out of the box just yesterday.  I configured it
 with a dot1q trunk to the router, an access port in vlan 100
 (192.168.1.0/24), and an access port in vlan 200
 (192.168.2.0/24).  The server (192.168.1.100) was attached to
 VLAN 100 and the client (192.168.2.?) to vlan 200.  The router
 subinterfaces were the .1 address.  Subinterface F0/0.2 had an
 IP helper address of 192.168.1.100.
 
 On a couple of occasions I moved the client to vlan 100.  The
 server did actually work two or three times with a local
 client.  It never once worked with a non-local client.  The
 good news is that the DHCP Discovery crossed the vlans via the
 2621 and looked to be in pretty good shape:
 
  Frame 44 (343 bytes on wire, 343 bytes captured)
 Arrival Time: Dec 21, 2002 18:01:21.694951000
 Time delta from previous packet: 0.721309000 seconds
 Time relative to first packet: 40.720429000 seconds
 Frame Number: 44
 Packet Length: 343 bytes
 Capture Length: 343 bytes
 Ethernet II, Src: 00:02:fd:1d:c0:20, Dst: 00:08:74:03:77:b5
 Destination: 00:08:74:03:77:b5 (Dell_Com_03:77:b5)
 Source: 00:02:fd:1d:c0:20 (Cisco_1d:c0:20)
 Type: IP (0x0800)
 Internet Protocol, Src Addr: 192.168.2.1 (192.168.2.1), Dst
 Addr: 192.168.1.100 (192.168.1.100)
 Version: 4
 Header length: 20 bytes
 Differentiated Services Field: 0x00 (DSCP 0x00: Default;
 ECN: 0x00)
  00.. = Differentiated Services Codepoint: Default
 (0x00)
  ..0. = ECN-Capable Transport (ECT): 0
  ...0 = ECN-CE: 0
 Total Length: 329
 Identification: 0x0061
 Flags: 0x00
 .0.. = Don't fragment: Not set
 ..0. = More fragments: Not set
 Fragment offset: 0
 Time to live: 255
 Protocol: UDP (0x11)
 Header checksum: 0x358d (correct)
 Source: 192.168.2.1 (192.168.2.1)
 Destination: 192.168.1.100 (192.168.1.100)
 User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps
 (67)
 Source port: bootps (67)
 Destination port: bootps (67)
 Length: 309
 Checksum: 0xde84 (correct)
 Bootstrap Protocol
 Message type: Boot Request (1)
 Hardware type: Ethernet
 Hardware address length: 6
 Hops: 1
 Transaction ID: 0xcb4d080c
 Seconds elapsed: 17250
 Bootp flags: 0x8000 (Broadcast)
 1...    = Broadcast flag: Broadcast
 .000    = Reserved flags: 0x
 Client IP address: 0.0.0.0 (0.0.0.0)
 Your (client) IP address: 0.0.0.0 (0.0.0.0)
 Next server IP address: 0.0.0.0 (0.0.0.0)
 Relay agent IP address: 192.168.2.1 (192.168.2.1)
 Client hardware address: 00:06:5b:e4:d3:97
 Server host name not given
 Boot file name not given
 Magic cookie: (OK)
 Option 53: DHCP Message Type = DHCP Discover
 Unknown Option Code: 251 (1 bytes)
 Option 61: Client identifier
 Hardware type: Ethernet
 Client hardware address: 00:06:5b:e4:d3:97
 Option 50: Requested IP Address = 192.168.1.2
 Option 12: Host Name = laprmccarverGFE
 Option 60: Vendor class identifier = MSFT 5.0
 Option 55: Parameter Request List
 1 = Subnet Mask
 15 = Domain Name
 3 = Router
 
 Notice the relay agent address of 192.168.2.1.  That bodes
 well.  However, for some reason, this was the response:
 
 Frame 45 (70 bytes on wire, 70 bytes captured)
 Arrival Time: Dec 21, 2002 18:01:21.69501
 Time delta from previous packet: 0.59000 seconds
 Time relative to first packet: 40.720488000 seconds
 Frame Number: 45
 Packet Length: 70 bytes
 Capture Length: 70 bytes
 Ethernet II, Src: 00:08:74:03:77:b5, Dst: 00:02:fd:1d:c0:20
 Destination: 00:02:fd:1d:c0:20 (Cisco_1d:c0:20)
 Source: 00:08:74:03:77:b5 (Dell_Com_03:77:b5)
 Type: IP (0x0800)
 Internet Protocol, Src Addr: 192.168.1.100 (192.168.1.100), Dst
 Addr: 192.168.2.1

RE: campus LAN design w/DHCP server [7:59578]

[s vermill]

Priscilla,

I haven’t forsaken you (yet).  But here’s the deal:  

My 2610 only has 24M of memory.  I ignored the recommendation for at least
40M to run 12.1 IP Plus only to meet with disastrous results.  I need IP
Plus on this old clunker to enable dot1q (and I’m pretty sure at least 12.1
also).  So...I found what appears to be a 2620 in one of our labs.  There’s
a 2900XL nearby.  I suspect I can fire the two up and get ‘em going. 
However, the only module in the 2900 uplink slot is GigE.  So does anyone
know if I can configure one of the 24 access ports to trunk?  I have minimal
experience with the 2900XL and that was over a year ago.

The real problem is that I don’t have any servers in that lab at the
moment.  Does anyone know of a simple stand-alone DHCP application that will
run on a Windows machine?  If not, the best I can do at the moment using a
2600 would be to put a sniffer on 192.168.1.0 and a client on 192.168.2.0. 
The captured DHCP client requests should show whether or not the pertinent
subinterface address is being plugged into giaddr.
 
Regards,

Scott   



s vermill wrote:
 
 Priscilla,
 
 I'm sure someone can verify this with a 2600 specifically.  As
 far as DHCP in general, yes.  We just did this with a much
 larger 6509-based network.  No problems.  The only difference,
 of course, is that the MSFC has virtual router interfaces per
 VLAN - not subinterfaces on a router on a stick.  Can't see why
 DHCP itself would know or care.  But I guess you can't know for
 sure what that subinterface on the 2600 will do until someone
 specifically verifies it.  If you don't get such a response,
 I've got a 2600 laying around at the moment.  I'll dig up a
 switch, set up a DHCP server, and mock 'er up for ya.  Won't
 take long at all.
 
 Regards,
 
 Scott
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59684t=59578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: campus LAN design w/DHCP server [7:59646]

[Jeff Kell]

Priscilla Oppenheimer wrote:
 
 It's a fast Ethernet trunk, actually. I forgot to mention that. He does
have
 some internal servers. Do you think in and out of a Fast Ethernet trunk
will
 be less of a problem?

The 2600 might be.

 He had a broadcast meltdown last week. Perhaps that's why he's concerned.
He
 was using ghosting software.

Symantec Ghost will kill a 2600, 4500, and RSP1 by itself if it is 
multicasting (which it should be, not broadcasting) and you are doing
multicast routing (pim-sparse or pim-dense) and sometimes even when 
you disable MR.  I know this from the school of hard knocks - you will 
have CPU starvation with a 100Mbps-capable LAN (maybe not at 10Mb, but
then you would saturate the net).  A 7200/NPE-300 can handle it nicely.

DHCP isn't much of a problem, but when you enable the ip helper-address
be sure to selectively disable (no ip forward-protocol) everything else
you don't need (DNS, TFTP, NetBIOS, etc).

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59678t=59646
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: campus LAN design w/DHCP server [7:59664]

[Chuck Church]

Hey Priscilla,

I feel about 10 times better knowing it's a fast ethernet  :)  If
there's anyway to localize the traffic, such as putting department X's
clients and servers on vlan 100, and department Y's clients/servers on the
other, it'd be optimal.  But even if you can't it should run pretty well.
Worse comes to worse, they could always buy a 3550 and have that route
between VLANs at like light speed.  Which ghosting software is the client
using?  I thought that Ghost itself used multicast and was IGMP aware.

Chuck Church
CCIE #8776, MCNE, MCSE



 It's a fast Ethernet trunk, actually. I forgot to mention that. He does
have
 some internal servers. Do you think in and out of a Fast Ethernet trunk
will
 be less of a problem?

 You know my first reaction was also just move the subnet mask over. But he
 didn't seem to want to do that.

 He had a broadcast meltdown last week. Perhaps that's why he's concerned.
He
 was using ghosting software.

 Thanks for the input!

 Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59664t=59664
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: campus LAN design w/DHCP server [7:59578]

[Frank Jimenez]

There are no dumb questions.  Lots of dumb answers, though ;-)

We do this all the time when setting up Voice Vlans for AVVID.  The
configuration below details the operation of DHCP and the configuration
required.  You should be fine with the example you gave.

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a
0080114aee.shtml


Frank Jimenez, CCIE #5738
Systems Engineer
Dallas Commercial
Cisco Systems, Inc.
[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 19, 2002 7:18 PM
To: [EMAIL PROTECTED]
Subject: campus LAN design w/DHCP server [7:59578]


Sorry if this is a dumb question! ;-) I want to make sure this design
will work before implementing it.

The customer has been using 192.168.168.0/24 in one small flat LAN. He
has run out of these addresses and is being hit by performance issues
related to broadcasts.

He wants to implement subnets and VLANs:

VLAN 100 192.168.168.0/24
VLAN 200 192.168.169.0/24

New design:

 Internet
 |
 s0
  2600 router e1 --- public servers
 e0
 | dot1q trunk
   switch
VLAN 200 VLAN 100

There is just one DHCP server. It will be in VLAN 100, address
192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets.

We're going to do inter-VLAN routing on the 2600 router.

Will this config work as far as DHCP is concerned?

interface ethernet 0
no ip address
interface ethernet 0.1
encapsulation dot1q  100
ip address 192.168.168.1  255.255.255.0
interface ethernet 0.2
encapsulation dot1q  200
ip address 192.168.169.1  255.255.255.0
ip helper-address 192.168.168.10

Devices in VLAN 100 will broadcast and get to the DHCP server directly.
The DHCP server is in their VLAN/subnet.

Devices in VLAN 200 will broadcast. The router will hopefully pick up
the broadcast, convert it to a unicast to the DHCP server and send it
back out e0, with the GIADDR address filled in so the server will use
the right scope.

Sounds like it should work, but for some unknown reason, I couldn't find
an example that showed this.

Thanks so much for your help. You could save my Christmas by helping me
verify (or poke holes) in this design! I just wanted to check on the
DHCP aspect at this point. I can fix up the NAT and routing. My brain
stopped working after the last egg nog, so help is needed! :-)

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59616t=59578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: campus LAN design w/DHCP server [7:59646]

[Chuck Church]

If everyone just goes to the internet, it'll work.  But if you've got one or
more servers internally, I'd be real afraid of trunking on a 10 mb interface.
You'll reduce your broadcasts, but I think performance will suffer horribly
crossing the router.  Since you've run out of addresses on a /24, I assume
you've got a couple hundred devices.  Personally I'd just move the mask back
one or 2 bits, making it a /22 or /23, and using the additional 1.0 or 1,2,
and 3.0 subnets.  There's things you can do to almost all OSs to reduce
broadcasts.  How many broadcasts are you seeing per second?  If it's no more
than 20 on average, I wouldn't even worry about it.

Chuck Church
CCIE #8776, MCNE, MCSE

The customer has been using 192.168.168.0/24 in one small flat LAN. He
has run out of these addresses and is being hit by performance issues
related to broadcasts.

He wants to implement subnets and VLANs:

VLAN 100 192.168.168.0/24
VLAN 200 192.168.169.0/24

New design:

 Internet
 |
 s0
  2600 router e1 --- public servers
 e0
 | dot1q trunk
   switch
VLAN 200 VLAN 100

There is just one DHCP server. It will be in VLAN 100, address
192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets.

We're going to do inter-VLAN routing on the 2600 router.

Will this config work as far as DHCP is concerned?

interface ethernet 0
no ip address
interface ethernet 0.1
encapsulation dot1q  100
ip address 192.168.168.1  255.255.255.0
interface ethernet 0.2
encapsulation dot1q  200
ip address 192.168.169.1  255.255.255.0
ip helper-address 192.168.168.10




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59646t=59646
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: campus LAN design w/DHCP server [7:59646]

[Priscilla Oppenheimer]

It's a fast Ethernet trunk, actually. I forgot to mention that. He does have
some internal servers. Do you think in and out of a Fast Ethernet trunk will
be less of a problem?

You know my first reaction was also just move the subnet mask over. But he
didn't seem to want to do that.

He had a broadcast meltdown last week. Perhaps that's why he's concerned. He
was using ghosting software.

Thanks for the input!

Priscilla

Chuck Church wrote:
 
 If everyone just goes to the internet, it'll work.  But if
 you've got one or
 more servers internally, I'd be real afraid of trunking on a 10
 mb interface.
 You'll reduce your broadcasts, but I think performance will
 suffer horribly
 crossing the router.  Since you've run out of addresses on a
 /24, I assume
 you've got a couple hundred devices.  Personally I'd just move
 the mask back
 one or 2 bits, making it a /22 or /23, and using the additional
 1.0 or 1,2,
 and 3.0 subnets.  There's things you can do to almost all OSs
 to reduce
 broadcasts.  How many broadcasts are you seeing per second?  If
 it's no more
 than 20 on average, I wouldn't even worry about it.
 
 Chuck Church
 CCIE #8776, MCNE, MCSE
 
 The customer has been using 192.168.168.0/24 in one small flat
 LAN. He
 has run out of these addresses and is being hit by performance
 issues
 related to broadcasts.
 
 He wants to implement subnets and VLANs:
 
 VLAN 100 192.168.168.0/24
 VLAN 200 192.168.169.0/24
 
 New design:
 
  Internet
  |
  s0
   2600 router e1 --- public servers
  e0
  | dot1q trunk
switch
 VLAN 200 VLAN 100
 
 There is just one DHCP server. It will be in VLAN 100, address
 192.168.168.10. The DHCP server will have 2 scopes for the 2
 subnets.
 
 We're going to do inter-VLAN routing on the 2600 router.
 
 Will this config work as far as DHCP is concerned?
 
 interface ethernet 0
 no ip address
 interface ethernet 0.1
 encapsulation dot1q  100
 ip address 192.168.168.1  255.255.255.0
 interface ethernet 0.2
 encapsulation dot1q  200
 ip address 192.168.169.1  255.255.255.0
 ip helper-address 192.168.168.10
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59648t=59646
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

campus LAN design w/DHCP server [7:59578]

[Priscilla Oppenheimer]

Sorry if this is a dumb question! ;-) I want to make sure this design will
work before implementing it.

The customer has been using 192.168.168.0/24 in one small flat LAN. He has
run out of these addresses and is being hit by performance issues related to
broadcasts.

He wants to implement subnets and VLANs:

VLAN 100 192.168.168.0/24
VLAN 200 192.168.169.0/24

New design:

 Internet
 |
 s0
  2600 router e1 --- public servers
 e0
 | dot1q trunk
   switch
VLAN 200 VLAN 100

There is just one DHCP server. It will be in VLAN 100, address
192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets.

We're going to do inter-VLAN routing on the 2600 router. 

Will this config work as far as DHCP is concerned?

interface ethernet 0
no ip address
interface ethernet 0.1
encapsulation dot1q  100
ip address 192.168.168.1  255.255.255.0
interface ethernet 0.2
encapsulation dot1q  200
ip address 192.168.169.1  255.255.255.0
ip helper-address 192.168.168.10

Devices in VLAN 100 will broadcast and get to the DHCP server directly. The
DHCP server is in their VLAN/subnet.

Devices in VLAN 200 will broadcast. The router will hopefully pick up the
broadcast, convert it to a unicast to the DHCP server and send it back out
e0, with the GIADDR address filled in so the server will use the right scope.

Sounds like it should work, but for some unknown reason, I couldn't find an
example that showed this.

Thanks so much for your help. You could save my Christmas by helping me
verify (or poke holes) in this design! I just wanted to check on the DHCP
aspect at this point. I can fix up the NAT and routing. My brain stopped
working after the last egg nog, so help is needed! :-)

Priscilla


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59578t=59578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: campus LAN design w/DHCP server [7:59578]

[s vermill]

Priscilla,

I'm sure someone can verify this with a 2600 specifically.  As far as DHCP
in general, yes.  We just did this with a much larger 6509-based network. 
No problems.  The only difference, of course, is that the MSFC has virtual
router interfaces per VLAN - not subinterfaces on a router on a stick. 
Can't see why DHCP itself would know or care.  But I guess you can't know
for sure what that subinterface on the 2600 will do until someone
specifically verifies it.  If you don't get such a response, I've got a 2600
laying around at the moment.  I'll dig up a switch, set up a DHCP server,
and mock 'er up for ya.  Won't take long at all.

Regards,

Scott




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59580t=59578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: campus LAN design w/DHCP server [7:59578]

[Larry Letterman]

No more drinks for you, pris
Design seems like it will work...till an intern puts up a nother dhcp
server on the same vlan and people get wrong address's

:-P

Priscilla Oppenheimer wrote:

Sorry if this is a dumb question! ;-) I want to make sure this design will
work before implementing it.

The customer has been using 192.168.168.0/24 in one small flat LAN. He has
run out of these addresses and is being hit by performance issues related to
broadcasts.

He wants to implement subnets and VLANs:

VLAN 100 192.168.168.0/24
VLAN 200 192.168.169.0/24

New design:

 Internet
 |
 s0
  2600 router e1 --- public servers
 e0
 | dot1q trunk
   switch
VLAN 200 VLAN 100

There is just one DHCP server. It will be in VLAN 100, address
192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets.

We're going to do inter-VLAN routing on the 2600 router. 

Will this config work as far as DHCP is concerned?

interface ethernet 0
no ip address
interface ethernet 0.1
encapsulation dot1q  100
ip address 192.168.168.1  255.255.255.0
interface ethernet 0.2
encapsulation dot1q  200
ip address 192.168.169.1  255.255.255.0
ip helper-address 192.168.168.10

Devices in VLAN 100 will broadcast and get to the DHCP server directly. The
DHCP server is in their VLAN/subnet.

Devices in VLAN 200 will broadcast. The router will hopefully pick up the
broadcast, convert it to a unicast to the DHCP server and send it back out
e0, with the GIADDR address filled in so the server will use the right
scope.

Sounds like it should work, but for some unknown reason, I couldn't find an
example that showed this.

Thanks so much for your help. You could save my Christmas by helping me
verify (or poke holes) in this design! I just wanted to check on the DHCP
aspect at this point. I can fix up the NAT and routing. My brain stopped
working after the last egg nog, so help is needed! :-)

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59586t=59578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: campus LAN design w/DHCP server [7:59578]

[Priscilla Oppenheimer]

Maybe what I really need for Christmas is a new router. ;-) My routers are
too old to do this sort of stuff. It would be terrific if you could mock it
up.

I'm just not totally conviced the router will behave the way it obviously
should. Could be the egg nog though.

Thank-you. I am indebted to you!

Priscilla

s vermill wrote:
 
 Priscilla,
 
 I'm sure someone can verify this with a 2600 specifically.  As
 far as DHCP in general, yes.  We just did this with a much
 larger 6509-based network.  No problems.  The only difference,
 of course, is that the MSFC has virtual router interfaces per
 VLAN - not subinterfaces on a router on a stick.  Can't see why
 DHCP itself would know or care.  But I guess you can't know for
 sure what that subinterface on the 2600 will do until someone
 specifically verifies it.  If you don't get such a response,
 I've got a 2600 laying around at the moment.  I'll dig up a
 switch, set up a DHCP server, and mock 'er up for ya.  Won't
 take long at all.
 
 Regards,
 
 Scott
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59587t=59578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DHCP on PIX 520 [7:59425]

[Paul Carter]

Here's one I hope the PIX specialists on the List can help me solve.

I have a PIX 520 v6.2(1). I understand that it can act as a DHCP server, but
DHCP service on the PIX is currently supported only on the inside interface
and I need to service a subnet on another interface. I have a DHCP server
running on a subnet connected to a third PIX interface and I don't want to
run
another DHCP server on the same subnet as the clients in question. Here's my
setup and can this be done?


 DHCPsvr
 (if 3) DHCPclients
||
||
---PIX---CISCO3640
inside if   (if 2)


Is there no way to pass bootp broadcasts through the PIX? I know about ip
helper and ip forward in the router, so I can provide an ip helper address to
the clients but they'd still have no default gateway, so no way to get
through
the PIX?

I'd really appreciate a solution that doesn't force me to set up another DHCP
server.

Thanks,
Carter




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59425t=59425
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DHCP prefer Client-identifier as Hardware address [7:58244]

[olivier Boistel]

Hi,

I am testing the DHCP feature.
If i configure the manual DHCP pool with the hardware-address,
it's not working.
I must configure the client-identification.
It's not a problem for station (prefix = 01).
But client-identification's router is an ID as
0063.6973.636f.2d30.3030.342e.6331.3332.2e33.6538.302d.4661.302f.30

As somebody find a solution for this problem


Configuration :
no ip dhcp conflict logging
ip dhcp excluded-address 138.22.11.129 138.22.11.134
...
ip dhcp pool Router3
   host 138.22.11.130 255.255.255.128
   hardware-address 0004.c132.3e80 1 (Router's MAC)
   bootfile c.cfg
   option 150 ip 138.22.11.132
!
ip dhcp pool Workstation #OK
   host 138.22.11.133 255.255.255.128
   client-identifier 0100.5004.b4ee.0b 
   default-router 138.22.11.131
!
ip dhcp pool Other
   network 138.22.11.128 255.255.255.128
   default-router 138.22.11.131
!
If 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58244t=58244
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

cisco router as DHCP server [7:58049]

[puro prasad]

Hi all,
can a cisco router act as a DHCP server by itself?

Thanks.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58049t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: cisco router as DHCP server [7:58049]

[James Willard]

A quick search on Cisco.com's main page for IOS DHCP server reveals:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_
guide09186a008008743b.html

(Hopefully the list didn't eat the link as it often does, and watch the
line wrap..)

Before asking such a simple question, it's best to attempt to find the
answer on your own. It will build your own problem solving skills and
you might learn quite a bit more in the process... Just my $0.02

James Willard
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
puro prasad
Sent: Monday, November 25, 2002 2:07 PM
To: [EMAIL PROTECTED]
Subject: cisco router as DHCP server [7:58049]


Hi all,
can a cisco router act as a DHCP server by itself?

Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58052t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: cisco router as DHCP server [7:58049]

[s vermill]

puro prasad wrote:
 
 Hi all,
 can a cisco router act as a DHCP server by itself?
 
 Thanks.

Yep:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a008008743b.html


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58051t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: cisco router as DHCP server [7:58049]

[puro prasad]

Thanks.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58053t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: cisco router as DHCP server [7:58049]

[puro prasad]

thanks,
both for the link and the advice. It was a bit urgent.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58054t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: cisco router as DHCP server [7:58049]

[Rob Payne]

Yes it can, but must be IOS 12.0(1)T or later

 DHCP:
 ip dhcp pool cisco (specifies cisco as the string used for
the address pool)
  network 10.1.1.0 255.255.255.0(range of addresses for pool)
  default-router 10.1.1.254 (defines a default gateway to be leased
out)
  lease 0 0 15  (0 days, 0 hours, 15 minute lease)
  dns-server x.x.x.x
  domain-name cisco.com

(GLOBAL)
ip dhcp excluded-address 10.1.1.1   (LAN interface addresses, etc)


Rob Payne, CCIE #8325
Cisco Systems - AES (NSA)
Cellular:479-366-0629
E-mail:  [EMAIL PROTECTED]
Pager:   1-888-342-7923  OR
 [EMAIL PROTECTED]

Success is a Journey... Not a Destination

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
puro prasad
Sent: Monday, November 25, 2002 1:07 PM
To: [EMAIL PROTECTED]
Subject: cisco router as DHCP server [7:58049]


Hi all,
can a cisco router act as a DHCP server by itself?

Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58055t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: cisco router as DHCP server [7:58049]

[Jonathan Van Meter]

Puro,

Yes.  I set a branch office 1720 router to act as a DHCP server last week.
Follow the link below to Cisco's website for more information

http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guid
e09186a008008743b.html

Cheers,

Jonathan

puro prasad  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi all,
 can a cisco router act as a DHCP server by itself?

 Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58079t=58049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DHCP (client) problem on Cisco 2514 [7:56573]

[Steven]

Got this weird problem with a 2514 I use as a broadband router. I connect
the router to a DSL modem, but it doesn't get an IP address assigned. I got
the correct IOS, and have ip address dhcp configured on the outside
interface.
When I connect a PC directly to the DSL modem, it gets an IP address without
any problems... Of course I release the IP again before I disconnect the PC.
Also tried to statically assign the IP (obtained by DHCP with a PC) to my
router, and everything works just fine... But my provider changes the IP
every 24hrs.
:-(

I have other routers (not 2500s), but didn't have the time yet to try with
those. Wonder if any of you got similar problems and knows what is wrong?

Here is some debug output, FWIW

YahooBB-Router#
Oct 30 18:56:13 JST: DHCP: DHCP client process started:
Oct 30 18:56:17 JST: DHCP: Shutting down from get_netinfo()
Oct 30 18:56:17 JST: DHCP: Attempting to shutdown DHCP Client
Oct 30 18:56:18 JST: DHCP: allocate request
Oct 30 18:56:18 JST: DHCP: new entry. add to queue
Oct 30 18:56:18 JST: DHCP: SDiscover attempt # 1 for entry:
Oct 30 18:56:18 JST: DHCP: SDiscover: sending 298 byte length DHCP packet
Oct 30 18:56:18 JST: DHCP: SDiscover 298 bytes
Oct 30 18:56:21 JST: DHCP: SDiscover attempt # 2 for entry:
Oct 30 18:56:21 JST: DHCP: SDiscover: sending 298 byte length DHCP packet
Oct 30 18:56:21 JST: DHCP: SDiscover 298 bytes
Oct 30 18:56:24 JST: DHCP: SDiscover attempt # 3 for entry:
Oct 30 18:56:24 JST: DHCP: SDiscover: sending 298 byte length DHCP packet
Oct 30 18:56:24 JST: DHCP: SDiscover 298 bytes [OK]
YahooBB-Router#
YahooBB-Router#%Unknown DHCP problem.. No allocation possible




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56573t=56573
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP (client) problem on Cisco 2514 [7:56573]

[Steven]

I suppose posting the config would help...

YahooBB-Router#sh run
Building configuration...

Current configuration : 1779 bytes
!
! Last configuration change at 16:42:47 JST Wed Oct 30 2002
!
version 12.2
no service single-slot-reload-enable
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname YahooBB-Router
!
logging rate-limit console 10 except errors
enable secret 5 $1$c9.a$lpUgd8kGiwWmFJ.yTpfAD.
!
clock timezone JST 9
ip subnet-zero
no ip finger
ip name-server x.x.x.x
ip dhcp excluded-address 192.168.1.1 192.168.1.15
!
ip dhcp pool PrivateNet
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server x.x.x.x
!
ip cef
no ip dhcp-client network-discovery
!
!
!
!
interface Ethernet0
description toLAN
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip mroute-cache
load-interval 30
!
interface Ethernet1
description ToYahooBB_Modem
ip address dhcp
ip nat outside
no ip mroute-cache
load-interval 30
!
interface Serial0
no ip address
no ip mroute-cache
shutdown
!
interface Serial1
no ip address
no ip mroute-cache
shutdown
!
ip kerberos source-interface any
ip nat inside source list 101 interface Ethernet1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ethernet 1
no ip http server
!
access-list 1 permit x.x.x.x 0.0.0.255
access-list 1 permit x.x.x.x 0.0.0.255
access-list 1 deny any log
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
!
!
line con 0
exec-timeout 500 0
transport input none
line aux 0
transport input all
line vty 0 4
access-class 1 in
exec-timeout 500 0
password 7 xxx
login
!
ntp clock-period 17180016
ntp server x.x.x.x
ntp server x.x.x.x
end

YahooBB-Router#


Steven  wrote in message
news:200210310447.EAA24091;groupstudy.com...
 Got this weird problem with a 2514 I use as a broadband router. I connect
 the router to a DSL modem, but it doesn't get an IP address assigned. I
got
 the correct IOS, and have ip address dhcp configured on the outside
 interface.
 When I connect a PC directly to the DSL modem, it gets an IP address
without
 any problems... Of course I release the IP again before I disconnect the
PC.
 Also tried to statically assign the IP (obtained by DHCP with a PC) to my
 router, and everything works just fine... But my provider changes the IP
 every 24hrs.
 :-(

 I have other routers (not 2500s), but didn't have the time yet to try with
 those. Wonder if any of you got similar problems and knows what is wrong?

 Here is some debug output, FWIW

 YahooBB-Router#
 Oct 30 18:56:13 JST: DHCP: DHCP client process started:
 Oct 30 18:56:17 JST: DHCP: Shutting down from get_netinfo()
 Oct 30 18:56:17 JST: DHCP: Attempting to shutdown DHCP Client
 Oct 30 18:56:18 JST: DHCP: allocate request
 Oct 30 18:56:18 JST: DHCP: new entry. add to queue
 Oct 30 18:56:18 JST: DHCP: SDiscover attempt # 1 for entry:
 Oct 30 18:56:18 JST: DHCP: SDiscover: sending 298 byte length DHCP packet
 Oct 30 18:56:18 JST: DHCP: SDiscover 298 bytes
 Oct 30 18:56:21 JST: DHCP: SDiscover attempt # 2 for entry:
 Oct 30 18:56:21 JST: DHCP: SDiscover: sending 298 byte length DHCP packet
 Oct 30 18:56:21 JST: DHCP: SDiscover 298 bytes
 Oct 30 18:56:24 JST: DHCP: SDiscover attempt # 3 for entry:
 Oct 30 18:56:24 JST: DHCP: SDiscover: sending 298 byte length DHCP packet
 Oct 30 18:56:24 JST: DHCP: SDiscover 298 bytes [OK]
 YahooBB-Router#
 YahooBB-Router#%Unknown DHCP problem.. No allocation possible




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56574t=56573
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 4006 IP Phone DHCP problem [7:56049]

[Roberts, Larry]

I think the problem is that the 4006 is an IOS switch. I haven't worked with
VoIP on a set based switch yet, so I don't know much about configuring
them for this stuff.



Thanks

Larry
 

-Original Message-
From: Jennifer Mellone [mailto:jmellone;speakeasy.net] 
Sent: Wednesday, October 23, 2002 10:45 PM
To: [EMAIL PROTECTED]
Subject: RE: 4006 IP Phone DHCP problem [7:56049]


Larry,

I noticed you have the command switchport trunk encapsulation dot1q. 

Do you need to configure the interface/port as a trunk when you do the set
port auxiliaryvlan command (catos) or the switch voice vlan command (ios
switch)? According to Cisco's website, you don't for a catos switch, but you
do for an ios switch:
 
Check this out:
http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/network/dgcamp
us.htm#xtocid364019

NO TRUNKING HERE ON CATOS SWITCH:

Voice VLAN Configuration

To configure the VVID from the Catalyst software CLI, use the set port
auxiliaryvlan command. You can use this command to set the VVID on a single
port, on a range of ports, or for an entire module. The following example
shows how to display the command syntax:

Console (enable) set port auxiliaryvlan help

Usage: set port auxiliaryvlan 



(vlan + 1..1000)


In the following example, the VVID is set to 222 for ports 2/1 through 2/3.
When the phone powers up, the switch instructs it to register with VLAN 222.

Console (enable) set port auxiliaryvlan 2/1-3 222

Auxiliaryvlan 222 configuration successful.


The following examples show how to display which ports are in which
auxiliary VLAN:

Console show port auxiliaryvlan 222

AuxiliaryVlan auxVlanStatus Mod/Ports

- - -

222 222 1/2,2/1-3

Console show port 2/1

Port AuxiliaryVlan AuxVlan-Status

- - --

2.1 222 active



-

TRUNKING HERE ON IOS SWITCH:

 

The following is an example of VVID configuration on Catalyst switches
running Cisco IOS at the interface level (for example, Catalyst 3524-PWR and
2900XL):

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 

switchport mode trunk

switchport voice vlan 

spanning-tree portfast

switchport mode trust



- Jennifer
PS - are you going to trust the CoS going from phone to switch?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56225t=56049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 4006 IP Phone DHCP problem [7:56049]

[Roberts, Larry]

Sorry for the late reply. Our e-mail was backup up and I am not going
through over 300 emails from the Groupstudy lists.

We have the Cisco eq. working fine and I am currently trying to get the
Avaya stuff to work. Unfortunately I don't have access to the eq directly,
so I have to work with the on site tech to configure things.

Once I get it working I will let everyone know, or if not, why it doesn't
work...

Thanks

Larry
 

-Original Message-
From: Jennifer Mellone [mailto:jmellone;speakeasy.net] 
Sent: Wednesday, October 23, 2002 10:49 PM
To: [EMAIL PROTECTED]
Subject: RE: 4006 IP Phone DHCP problem [7:56049]


Larry,

Don't mind me, I'm not challenging the configs, just trying to learn -
sometimes Cisco's website can be very unclear to me ;-)

I forgot to ask - How are those Avaya phones working out compared to Cisco
phones?

- Jennifer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56224t=56049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 4006 IP Phone DHCP problem [7:56049]

[Jennifer Mellone]

Larry,

I noticed you have the command switchport trunk encapsulation dot1q. 

Do you need to configure the interface/port as a trunk when you do the set
port auxiliaryvlan command (catos) or the switch voice vlan command (ios
switch)? According to Cisco's website, you don't for a catos switch, but you
do for an ios switch:
 
Check this out:
http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/network/dgcampus.htm#xtocid364019

NO TRUNKING HERE ON CATOS SWITCH:

Voice VLAN Configuration

To configure the VVID from the Catalyst software CLI, use the set port
auxiliaryvlan command. You can use this command to set the VVID on a single
port, on a range of ports, or for an entire module. The following example
shows how to display the command syntax:

Console (enable) set port auxiliaryvlan help

Usage: set port auxiliaryvlan 



(vlan + 1..1000)


In the following example, the VVID is set to 222 for ports 2/1 through 2/3.
When the phone powers up, the switch instructs it to register with VLAN 222.

Console (enable) set port auxiliaryvlan 2/1-3 222

Auxiliaryvlan 222 configuration successful.


The following examples show how to display which ports are in which
auxiliary VLAN:

Console show port auxiliaryvlan 222

AuxiliaryVlan auxVlanStatus Mod/Ports

- - -

222 222 1/2,2/1-3

Console show port 2/1

Port AuxiliaryVlan AuxVlan-Status

- - --

2.1 222 active


-

TRUNKING HERE ON IOS SWITCH:

 

The following is an example of VVID configuration on Catalyst switches
running Cisco IOS at the interface level (for example, Catalyst 3524-PWR and
2900XL):

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 

switchport mode trunk

switchport voice vlan 

spanning-tree portfast

switchport mode trust



- Jennifer
PS - are you going to trust the CoS going from phone to switch?



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56182t=56049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 4006 IP Phone DHCP problem [7:56049]

[Jennifer Mellone]

Larry,

Don't mind me, I'm not challenging the configs, just trying to learn -
sometimes Cisco's website can be very unclear to me ;-)

I forgot to ask - How are those Avaya phones working out compared to Cisco
phones?

- Jennifer


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56183t=56049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 4006 IP Phone DHCP problem [7:56049]

[John Brandis]

Damn phones,

Don't they make you feel stupid sometimes. Great work Larry.

jb

-Original Message-
From: Roberts, Larry [mailto:Larry.Roberts;expanets.com] 
Sent: Wednesday, October 23, 2002 10:57 AM
To: John Brandis
Subject: RE: 4006 IP Phone DHCP problem [7:56049]


The Fix was to run a newer version of code on the phones. 
We swapped to p00303020213 and that fixed it, or so it appears. We will know
more after testing tomorrow.

Larry


-Original Message-
From: John Brandis [mailto:john.brandis;solution6.com] 
Sent: Monday, October 21, 2002 10:26 PM
To: 'Roberts, Larry'
Subject: RE: 4006 IP Phone DHCP problem [7:56049]


My problem which is hopefully something to look into, was that there was a
config on the phones themselves that played havoc  with what I was telling
the switch to do. Hopefully this will solve your problems as it does not ,
according to your config and what TAC suggests, and issue with the config of
the 4006.




-Original Message-
From: Roberts, Larry [mailto:Larry.Roberts;expanets.com] 
Sent: Tuesday, October 22, 2002 1:21 PM
To: John Brandis
Subject: RE: 4006 IP Phone DHCP problem [7:56049]


Running Cisco 7960's and some Avaya phones as well, although I don't know
their model number.

I don't remember what I did to help, but glad I could do it! 
If I come up with an answer I will let you know..

Larry


-Original Message-
From: John Brandis [mailto:john.brandis;solution6.com] 
Sent: Monday, October 21, 2002 9:39 PM
To: 'Roberts, Larry'
Subject: RE: 4006 IP Phone DHCP problem [7:56049]


I am very interested as I just purchased a 4006 to do the exact same setup.

Whats the phone type you are using, hopefully not a NEC ?

John
Sydney, Australia

Ps: thanks for helping with my VoIP issues last month.



-Original Message-
From: Roberts, Larry [mailto:Larry.Roberts;expanets.com] 
Sent: Tuesday, October 22, 2002 12:19 PM
To: [EMAIL PROTECTED]
Subject: 4006 IP Phone DHCP problem [7:56049]


Hey folks, Im hoping that one of you can help me with a problem. 
I have a 4006 with a SUPIII running 2 VLAN's. The Data VLAN is VLAN 1 and
the Voice VLAN is VLAN 200. I have a DHCP server on VLAN 1 with the proper
scopes defined. My problem is that the phone is getting a VLAN 1 ip address,
not a VLAN 200.

Standard IP phone config:

interface FastEthernet x/x
 description IP Phone
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport voice vlan 200
 no snmp trap link-status
 spanning-tree portfast


Now if I hardcode the switchport to VLAN 200 with a switchport access vlan
200 and switchport mode access, it works fine.

I did a debug on the SUPIII and I see the bootp request come in on VLAN 200,
and I can see the SUP III set the GIADDR to the VLAN 200 address.

I had the onsite tech take a look at the phone, and it see's itself as on
VLAN 200, so I don't understand why the request is being met with a VLAN 1
ip. 

I know that the scopes are correct because hard coding the interface makes
it work. I know that the VLAN interface configuration is correct because it
works when the port is hard coded to the correct interface.

I suspected that CEF was preventing the router from setting the GIADDR of
the packet, but debug shows it doing it so now I am lost.

I tried the standard  no ip route-cache / mroute-cache  but that hasn't
helped. I don't know if it's a software bug or what, but I am at a loss.

Anybody done this before ? I have several 3500's running this configuration
and they work fine, so I am beginning to wonder if it isn't in the SUP III
that is causing the issue. Perhaps it says its rewriting the GIADDR, but its
not.

IOS used: System image file is bootflash:cat4000-is-mz.121-12c.EW.bin

Any help/thoughts/verbal abuse is appreciated. 
I have a TAC case open to see what I'm doing wrong, but they aren't seeing
anything config wise being the problem so I thought I would try the experts
over here.

Thanks

Larry
**

visit http://www.solution6.com

UK Customers - http://www.solution6.co.uk

*
This email message (and attachments) may contain information that is
confidential to Solution 6. If you are not the intended recipient you cannot
use, distribute or copy the message or attachments.  In such a case, please
notify the sender by return email immediately and erase all copies of the
message and attachments.  Opinions, conclusions and other information in
this message and attachments that do not relate to the official business of
Solution 6 are neither given nor endorsed by it.
*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56116t=56049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations

4006 IP Phone DHCP problem [7:56049]

[Roberts, Larry]

Hey folks, Im hoping that one of you can help me with a problem. 
I have a 4006 with a SUPIII running 2 VLAN's. The Data VLAN is VLAN 1 and
the Voice VLAN is VLAN 200.
I have a DHCP server on VLAN 1 with the proper scopes defined.
My problem is that the phone is getting a VLAN 1 ip address, not a VLAN 200.

Standard IP phone config:

interface FastEthernet x/x
 description IP Phone
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport voice vlan 200
 no snmp trap link-status
 spanning-tree portfast


Now if I hardcode the switchport to VLAN 200 with a switchport access vlan
200 and switchport mode access, it works fine.

I did a debug on the SUPIII and I see the bootp request come in on VLAN 200,
and I can see the SUP III set the GIADDR to the VLAN 200 address.

I had the onsite tech take a look at the phone, and it see's itself as on
VLAN 200, so I don't understand why the request is being met with a VLAN 1
ip. 

I know that the scopes are correct because hard coding the interface makes
it work. I know that the VLAN interface configuration is correct because it
works when the port is hard coded to the correct interface.

I suspected that CEF was preventing the router from setting the GIADDR of
the packet, but debug shows it doing it so now I am lost.

I tried the standard  no ip route-cache / mroute-cache  but that hasn't
helped. I don't know if it's a software bug or what, but I am at a loss.

Anybody done this before ? I have several 3500's running this configuration
and they work fine, so I am beginning to wonder if it isn't in the SUP III
that is causing the issue. Perhaps it says its rewriting the GIADDR, but its
not.

IOS used: System image file is bootflash:cat4000-is-mz.121-12c.EW.bin

Any help/thoughts/verbal abuse is appreciated. 
I have a TAC case open to see what I'm doing wrong, but they aren't seeing
anything config wise being the problem so I thought I would try the experts
over here.

Thanks

Larry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56049t=56049
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX as a DHCP relay agent [7:55785]

[Priscilla Oppenheimer]

Ashraf Hozayen wrote:
 
 Hi,
 Use the dhcpd enable command to turn on DHCP daemon on PIX ,

That doesn't turn it into a DHCP relay agent, though, does it? I think you
need a router for that.

A DHCP relay agent forwards DHCP broadcasts to a server not on the local
LAN. It's accomplished on a router by configuring an IP helper address on
the incoming interface where the clients reside. The IP helper address
points to the server. The router than forwards the UDP broadcasts to port 67
over to the server.

This solves the problem where DHCP clients reside on a different LAN from
the DHCP server. The problem that you are addressing is a different problem.

Priscilla


 The PIX Firewall DHCP client can only be enabled on the outside
 interface.
 DHCP client support within the PIX Firewall is designed for use
 within a small office, home office (SOHO) environment using a
 PIX Firewall that is directly connected to a DSL or cable modem
 that supports the DHCP server function.
 
 
 
 
 
 Ashraf Hozayen
 Network Engineer 
 CCNA,CCNP ,CCIE  MCP
 Cisco Security Specialist 1
 VAS  Network IT Dept.
 Vodafone Egypt
 Direct No: +20-2-529-2824
 Fax No: +20-2-5292-499
 Cellular No : +20-105-372-020
 E-mail: [EMAIL PROTECTED]
 
 
  -Original Message-
 From: Osama Kamal [mailto:OKamal;Mobinil.com] 
 Sent: 17 October 2002 09:11 AM
 To:   [EMAIL PROTECTED]
 Subject:  PIX as a DHCP relay agent [7:55785]
 
 2 questions:
 
 Can the PIX work as a DHCP relay agent? 
 
 What are the ports required to be opened on the pix to allow
 DHCP relay
 agent traffic to pass through? 
 
  
 
 Thanks
 
  
 
 
 
 
 ***
 Important 
 Confidentiality: This communication is intended for the above
 named person
 and is confidential and/or legally privileged any  opinion
 expressed in this
 communication are not necessarily those of the Egyptian company
 for Mobile
 Services (MobiNiL). If it has come to you in error you must
 take no action
 based on it, nor must you copy or show it to anyone: please
 delete/destroy
 and  inform the sender  immediately.
 No Responsibility: MobiNiL is not responsible for any
 political, religious,
 racial or partisan opinion in any correspondence conducted by
 its domain
 users. Therefore, any such opinion expressed, whether
 explicitly or
 implicitly, in any said correspondence is not to be interpreted
 as that of
 MobiNiL.
 Monitoring / Viruses: MobiNiL may monitor all incoming 
 outgoing e-mails in
 line with current legislation. Although we have taken steps to
 ensure that
 this e-mail and attachments are free from any Virus, we advise
 that in
 keeping with good computing practice the recepient should
 ensure they are
 actuallyvirus free.
 The Egyptian Company for Mobile Services (MobiNiL)
 www.mobinil.com
  
 The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo -
 Egypt
 Telephone: +20 2 574 - 7000 or + 20 12 320 -  
 Fax: +20 2 574 - 7111 or +20 12 320- 7111
 ***
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55895t=55785
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX as a DHCP relay agent [7:55785]

[Osama Kamal]

2 questions:

Can the PIX work as a DHCP relay agent? 

What are the ports required to be opened on the pix to allow DHCP relay
agent traffic to pass through? 

 

Thanks

 




***
Important 
Confidentiality: This communication is intended for the above named person
and is confidential and/or legally privileged any  opinion expressed in this
communication are not necessarily those of the Egyptian company for Mobile
Services (MobiNiL). If it has come to you in error you must take no action
based on it, nor must you copy or show it to anyone: please delete/destroy
and  inform the sender  immediately.
No Responsibility: MobiNiL is not responsible for any political, religious,
racial or partisan opinion in any correspondence conducted by its domain
users. Therefore, any such opinion expressed, whether explicitly or
implicitly, in any said correspondence is not to be interpreted as that of
MobiNiL.
Monitoring / Viruses: MobiNiL may monitor all incoming  outgoing e-mails in
line with current legislation. Although we have taken steps to ensure that
this e-mail and attachments are free from any Virus, we advise that in
keeping with good computing practice the recepient should ensure they are
actuallyvirus free.
The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com
 
The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt 
Telephone: +20 2 574 - 7000 or + 20 12 320 -  
Fax: +20 2 574 - 7111 or +20 12 320- 7111
***




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55785t=55785
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX as a DHCP relay agent [7:55785]

[Ashraf Hozayen]

Hi,
Use the dhcpd enable command to turn on DHCP daemon on PIX , The PIX
Firewall DHCP client can only be enabled on the outside interface.
DHCP client support within the PIX Firewall is designed for use within a
small office, home office (SOHO) environment using a PIX Firewall that is
directly connected to a DSL or cable modem that supports the DHCP server
function.





Ashraf Hozayen
Network Engineer 
CCNA,CCNP ,CCIE  MCP
Cisco Security Specialist 1
VAS  Network IT Dept.
Vodafone Egypt
Direct No: +20-2-529-2824
Fax No: +20-2-5292-499
Cellular No : +20-105-372-020
E-mail: [EMAIL PROTECTED]


 -Original Message-
From:   Osama Kamal [mailto:[EMAIL PROTECTED]] 
Sent:   17 October 2002 09:11 AM
To: [EMAIL PROTECTED]
Subject:PIX as a DHCP relay agent [7:55785]

2 questions:

Can the PIX work as a DHCP relay agent? 

What are the ports required to be opened on the pix to allow DHCP relay
agent traffic to pass through? 

 

Thanks

 




***
Important 
Confidentiality: This communication is intended for the above named person
and is confidential and/or legally privileged any  opinion expressed in this
communication are not necessarily those of the Egyptian company for Mobile
Services (MobiNiL). If it has come to you in error you must take no action
based on it, nor must you copy or show it to anyone: please delete/destroy
and  inform the sender  immediately.
No Responsibility: MobiNiL is not responsible for any political, religious,
racial or partisan opinion in any correspondence conducted by its domain
users. Therefore, any such opinion expressed, whether explicitly or
implicitly, in any said correspondence is not to be interpreted as that of
MobiNiL.
Monitoring / Viruses: MobiNiL may monitor all incoming  outgoing e-mails in
line with current legislation. Although we have taken steps to ensure that
this e-mail and attachments are free from any Virus, we advise that in
keeping with good computing practice the recepient should ensure they are
actuallyvirus free.
The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com
 
The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt 
Telephone: +20 2 574 - 7000 or + 20 12 320 -  
Fax: +20 2 574 - 7111 or +20 12 320- 7111
***




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55788t=55785
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX as a DHCP relay agent [7:55785]

[Curious]

Hi
I dont think you can make PIX DHCP Relay Agent , athough you can make router
as DHCP relay agent(by using IP Helper Address) or make your Windows 2000
Server as DHCP Relay agent.


--
Curious

MCSE, CCNP
Ashraf Hozayen  wrote in message
news:200210170740.HAA27183;groupstudy.com...
 Hi,
 Use the dhcpd enable command to turn on DHCP daemon on PIX , The PIX
 Firewall DHCP client can only be enabled on the outside interface.
 DHCP client support within the PIX Firewall is designed for use within a
 small office, home office (SOHO) environment using a PIX Firewall that is
 directly connected to a DSL or cable modem that supports the DHCP server
 function.





 Ashraf Hozayen
 Network Engineer
 CCNA,CCNP ,CCIE  MCP
 Cisco Security Specialist 1
 VAS  Network IT Dept.
 Vodafone Egypt
 Direct No: +20-2-529-2824
 Fax No: +20-2-5292-499
 Cellular No : +20-105-372-020
 E-mail: [EMAIL PROTECTED]


  -Original Message-
 From: Osama Kamal [mailto:OKamal;Mobinil.com]
 Sent: 17 October 2002 09:11 AM
 To: [EMAIL PROTECTED]
 Subject: PIX as a DHCP relay agent [7:55785]

 2 questions:

 Can the PIX work as a DHCP relay agent?

 What are the ports required to be opened on the pix to allow DHCP relay
 agent traffic to pass through?



 Thanks






 ***
 Important
 Confidentiality: This communication is intended for the above named person
 and is confidential and/or legally privileged any  opinion expressed in
this
 communication are not necessarily those of the Egyptian company for Mobile
 Services (MobiNiL). If it has come to you in error you must take no action
 based on it, nor must you copy or show it to anyone: please delete/destroy
 and  inform the sender  immediately.
 No Responsibility: MobiNiL is not responsible for any political,
religious,
 racial or partisan opinion in any correspondence conducted by its domain
 users. Therefore, any such opinion expressed, whether explicitly or
 implicitly, in any said correspondence is not to be interpreted as that of
 MobiNiL.
 Monitoring / Viruses: MobiNiL may monitor all incoming  outgoing e-mails
in
 line with current legislation. Although we have taken steps to ensure that
 this e-mail and attachments are free from any Virus, we advise that in
 keeping with good computing practice the recepient should ensure they are
 actuallyvirus free.
 The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com

 The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt
 Telephone: +20 2 574 - 7000 or + 20 12 320 - 
 Fax: +20 2 574 - 7111 or +20 12 320- 7111
 ***




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55815t=55785
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Token Ring on DHCP?? [7:55847]

[Cisco Nuts]

Hello,
I have a router configured with DHCP server. Any other router connected to 
the same switch gets an ip address via DHCP from this router but my token 
ring interface is also grabbing an ip, even though it's admin down. I am 
wondering how? Is this how it works? Even possible. Please advise.
Thank you.
Sincerely,


RTB#i
InterfaceIP-Address  OK? Method StatusProtocol
Ethernet010.10.10.103YES BOOTP  upup
Serial0  unassigned  YES unset  administratively down down
Serial1  unassigned  YES unset  administratively down down
TokenRing0   10.10.10.104YES BOOTP  administratively down down


_
Choose an Internet access plan right for you -- try MSN! 
http://resourcecenter.msn.com/access/plans/default.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55847t=55847
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Token Ring on DHCP?? [7:55847]

[Priscilla Oppenheimer]

Cisco Nuts wrote:
 
 Hello,
 I have a router configured with DHCP server. Any other router
 connected to
 the same switch gets an ip address via DHCP from this router
 but my token
 ring interface is also grabbing an ip, even though it's admin
 down. I am
 wondering how? Is this how it works? Even possible. Please
 advise.
 Thank you.
 Sincerely,
 
 
 RTB#i
 InterfaceIP-Address  OK? Method Status   
 Protocol
 Ethernet010.10.10.103YES BOOTP  upup
 Serial0  unassigned  YES unset  administratively down
 down
 Serial1  unassigned  YES unset  administratively down
 down
 TokenRing0   10.10.10.104YES BOOTP  administratively down
 down
 
 
 _
 Choose an Internet access plan right for you -- try MSN! 
 http://resourcecenter.msn.com/access/plans/default.asp
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55856t=55847
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Token Ring on DHCP?? [7:55847]

[Priscilla Oppenheimer]

Sorry, the up arrow key is in the same place as the Post button when you try
to read this from Internet Explorer on a Mac. They overlap. It's a bug in
the user interface.  I didn't mean to post! :-)

But now, that I'm here, I must say this sounds like a bug. What version of
IOS are you using?

Priscilla


Priscilla Oppenheimer wrote:
 
 Cisco Nuts wrote:
  
  Hello,
  I have a router configured with DHCP server. Any other router
  connected to
  the same switch gets an ip address via DHCP from this router
  but my token
  ring interface is also grabbing an ip, even though it's admin
  down. I am
  wondering how? Is this how it works? Even possible. Please
  advise.
  Thank you.
  Sincerely,
  
  
  RTB#i
  InterfaceIP-Address  OK? Method Status   
  Protocol
  Ethernet010.10.10.103YES BOOTP  up   
 up
  Serial0  unassigned  YES unset  administratively down
  down
  Serial1  unassigned  YES unset  administratively down
  down
  TokenRing0   10.10.10.104YES BOOTP  administratively down
  down
  
  
 
 _
  Choose an Internet access plan right for you -- try MSN! 
  http://resourcecenter.msn.com/access/plans/default.asp
  
  
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55857t=55847
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Inside Interface accepts DHCP lease...but it has a static [7:55094]

[Dain Deutschman]

There is a router/modem connecting to the ISP using PPoA. This router was in
place and works...the customer just wanted some packet filtering as well (
which the router in place does not provide ). So I am using a Cisco SOHO 71.
E1 is the outside interface which connects to the inside interface of the
existing router. E1 has a static ip of 172.16.0.2 ( there is no ip address
dhcp it is ip address 172.16.0.2 255.255.255.0

E0 has ip address 192.168.0.9 255.255.255.0

There is a static route on the existing ( non Cisco ) router pointing all
192.168.0.0/24 destined traffic back to 172.16.0.2 ( E1 of Cisco ). There is
also a default route on the cisco pointing to 172.16.0.1 ( the inside
interface of the non-cisco router )

The non-cisco router does NAT

INTERNET-WANinterface(non-Cisco Router)172.16.0.1(inside)

|

|
  Win2000Server(DHCP)--|--192.168.0.9(E0)(Cisco SOHO71)172.16.0.2(E1)
  |
  |
LAN

Every few days ( there doesn't seem to be an exact regularity yet),
interface E0's ip address will change. So far it has always changed to
192.168.0.16. If I view the DHCP Manager in Windows 2000 Server, it
indicates that IP address associated with the router.

The config of e0 ( when working normal) looks like this:

Interface Ethernet 0
ip address 192.168.0.9 255.255.255.0

Any ideas???

I think I will configure syslog debugging level and turn on dhcp debugging.
With that I should get at very least the moment that the address
changes...and hopefully some dhcp debug output. I suppose I could also put a
sniffer in and try to detect it.

Thanks


Erick B.  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 That is strange. What type of router and IOS version?

 Just to clarify, the interface has 'ip address x.x.x.x
 y.y.y.y' config and not 'ip address dhcp' with a
 static DHCP assigned address. Being DSL, is it PPPoE
 by chance?

 Does e0 connect to DSL/Internet and e1 to their
 network or vice versa?

 --- Dain Deutschman  wrote:
  Hi all,
 
  I have a problem with a client on a dsl connection.
  Ethernet 0 and 1 both
  have statically assigned IP addresses. I leave the
  customer site and 3 days
  later they call and have no internet. I check the
  router config and E0 has
  the wrong IP address. I check the Win2000 DHCP
  server and that address is
  listed as leased to the router.
 
  Any ideas why the router is allowing this to happen?
 
  --
  Dain Deutschman
  CNA, MCP, CCNA
  Data Communications Manager
 [EMAIL PROTECTED]


 __
 Do you Yahoo!?
 Faith Hill - Exclusive Performances, Videos  More
 http://faith.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55094t=55094
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Which IOS version has the DHCP server software? [7:55102]

[r34rv13wm1rr0r]

Which IOS release has the DHCP server software?  It is for a 25xx router.

IP
IP PLUS
IP ENTERPRISE
IP SP

Thanks...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55102t=55102
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Which IOS version has the DHCP server software? [7:55102]

[Ben W]

I'm pretty sure its the enterprise version, I was looking for the same thing
on my 2500s and couldn't find an IOS with it enabled.  I didn't have enough
RAM/Flash for enterprise so I'm assuming it is enterprise that has it.

r34rv13wm1rr0r wrote:
 
 Which IOS release has the DHCP server software?  It is for a
 25xx router.
 
 IP
 IP PLUS
 IP ENTERPRISE
 IP SP
 
 Thanks...
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55108t=55102
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Which IOS version has the DHCP server software? [7:55102]

[John Golovich]

Try http://www.cisco.com/go/fn

The feature navigator is a blessing when looking for
certain things in an IOS.

--- Ben W  wrote:
 I'm pretty sure its the enterprise version, I was
 looking for the same thing
 on my 2500s and couldn't find an IOS with it
 enabled.  I didn't have enough
 RAM/Flash for enterprise so I'm assuming it is
 enterprise that has it.
 
 r34rv13wm1rr0r wrote:
  
  Which IOS release has the DHCP server software? 
 It is for a
  25xx router.
  
  IP
  IP PLUS
  IP ENTERPRISE
  IP SP
  
  Thanks...
 [EMAIL PROTECTED]
 
 


__
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos  More
http://faith.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55112t=55102
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Which IOS version has the DHCP server software? [7:55102]

[David C Prall]

Have a look at the Software Advisor and search by Feature:
http://www.cisco.com/cgi-bin/Support/CompNav/Index.pl

Search on DHCP Server-Easy IP Phase 2 which is first available in 12.0T,
platform specific to some releases. They show it first on the 2500 in
12.0(1)T, and it is available in all feature sets therefore IP should have
it.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
t/120t1/easyip2.htm#xtocid138

--
David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, October 08, 2002 12:59 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Which IOS version has the DHCP server software? [7:55102]


 I'm pretty sure its the enterprise version, I was looking for the
 same thing
 on my 2500s and couldn't find an IOS with it enabled.  I didn't
 have enough
 RAM/Flash for enterprise so I'm assuming it is enterprise that has it.

 r34rv13wm1rr0r wrote:
 
  Which IOS release has the DHCP server software?  It is for a
  25xx router.
 
  IP
  IP PLUS
  IP ENTERPRISE
  IP SP
 
  Thanks...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55115t=55102
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Which IOS version has the DHCP server software? [7:55102]

[Igor Zozulya]

Hi,

For DHCP on 25xx you'll need at least 12.x IP.

Regards
Igor

r34rv13wm1rr0r  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Which IOS release has the DHCP server software?  It is for a 25xx router.

 IP
 IP PLUS
 IP ENTERPRISE
 IP SP

 Thanks...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55119t=55102
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Inside Interface accepts DHCP lease...but it has a static [7:54998]

[Dain Deutschman]

Hi all,

I have a problem with a client on a dsl connection. Ethernet 0 and 1 both
have statically assigned IP addresses. I leave the customer site and 3 days
later they call and have no internet. I check the router config and E0 has
the wrong IP address. I check the Win2000 DHCP server and that address is
listed as leased to the router.

Any ideas why the router is allowing this to happen?

--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54998t=54998
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Inside Interface accepts DHCP lease...but it has a static [7:55066]

[Erick B.]

That is strange. What type of router and IOS version? 

Just to clarify, the interface has 'ip address x.x.x.x
y.y.y.y' config and not 'ip address dhcp' with a
static DHCP assigned address. Being DSL, is it PPPoE
by chance?

Does e0 connect to DSL/Internet and e1 to their
network or vice versa?

--- Dain Deutschman  wrote:
 Hi all,
 
 I have a problem with a client on a dsl connection.
 Ethernet 0 and 1 both
 have statically assigned IP addresses. I leave the
 customer site and 3 days
 later they call and have no internet. I check the
 router config and E0 has
 the wrong IP address. I check the Win2000 DHCP
 server and that address is
 listed as leased to the router.
 
 Any ideas why the router is allowing this to happen?
 
 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
[EMAIL PROTECTED]


__
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos  More
http://faith.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55066t=55066
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54698]

[[EMAIL PROTECTED]]

No it's always the Id-10-t's! (that's us ... Humans!)
Routers and servers always work, until we decide to configure them ;-)

Sorry for getting so late into this thread,only catching up with emails now,
The problem with hibernating / and suspend on w2k/WinXP computers, is also
this:
If the user suspends or hibernates his computer, goes to another location,
First plugs the NIC Cable in and then resumes from his session, the OS will
keep the old DHCP address. The computer doesn't realise that the network
location has changed. Of course if you resume and THEN plug in the cable, it
would get sorted out, unless the new location doesn't have a DHCP server, in
which case, WinDows will tell you that an error has occurred while
reconnecting to the network. 

Hope this helps (although it may be a bit too late)
Manish


-Original Message-
From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] 
Sent: 01 October 2002 22:23 
To: [EMAIL PROTECTED]
Subject: Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem
[7:54661]


fortunately, smarter people than I took the troubleshooting.

The problem was this:

The Network Admin decided to use a DHCP super scope on the Win2K server,
with several DHCP subscopes ( one for each office ) underneath.

He had understood that the purpose of the superscope was to  pass values
common to all subscopes - things like NTP server, DNS server, SMTP server -
while things like the default gateway would remain with the sub scopes.

Turns out this was a misunderstanding. The superscope ( apparently, if I
understand what I am being told ) is only for segments where there are
numbers of subnets on the same wire. This actually might explain why
Microsoft tech support misunderstood what was happening, and gave the
seemingly ludicrous advice to revert back to a Big Flat Bridged Network.
They were actually saying something else, but we misinterpreted.

As of today, the customer is testing, without the superscope in place, and
all appears well. Win2K and WinXP workstations are mobile, and are behaving
the way many of you described as proper.

See- the problem is always a server problem. It's NEVER the routers ;-

Chuck


Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Evans, TJ wrote:
 
  IIRC:
  Win2k and later detect 'cable disconnects', and de-IP your system.
 
  Strangely, they also detect 'cable reconnects' and attempt to re-IP 
  (via DHCP, or autoconfig if enabled) you at that time.

 Not to beat this to death, but that must indeed be the explanation. 
 W2K
and
 XP recognize when the user connects the Ethernet cable and resend a 
 DHCP request, assuming DHCP is being used. So when the PC is moved to 
 a new location and new subnet, it gets a proper address without any 
 user
twidling
 beyond inserting the cable. This seems too smart for Windoze, but I 
 can't think of any other explanataion.

 So, Chuck's users are using W2K and XP. What could they be doing 
 wrong??

 Also, of course, this doesn't solve the problem for wireless users. 
 That's not what Chuck was asking about, but it's still an interesting 
 issue. They could benefit from Mobile IP. (I really want to recommend 
 that. ;-)

 The reason I say that the cable insertion theory is the explanation is
that
 there's no other way for the operating system and protocol stack to 
 know that it needs to send a new DHCP request. Remember, we're talking 
 about laptops that haven't been shut down. (Maybe they go to sleep 
 though?
Awaking
 from sleep might also cause a new DHCP request?)

 The PC can't tell that it's on a different network by just looking at 
 packets. Even though it could see the IP addresses being used by other 
 devices, it couldn't know the subnet mask and default gateway to use.

 Contrast this with AppleTalk, which solved this problem years ago.   ;-)
An
 AppleTalk end node hears the incessant RTMPs coming from routers. Not 
 only does the end node learn the address of a gateway to use from 
 that, but it also learns its own network number because the local net 
 number is always the first one in the RTMP packet. Of course, the 
 tradeoff was those incessant RTMPs. ;-) But moving a Mac to a new 
 network has always been pretty straightforward, despite a rather 
 annoying message that comes up
and
 confuses users.

 ___

 Priscilla Oppenheimer
 www.troubleshootingnetworks.com
 www.priscilla.com
 
 
  Thanks!
  TJ
 
 
  -Original Message-
  From: Larry Letterman [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, October 01, 2002 1:20 PM
  To: [EMAIL PROTECTED]
  Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]
 
  Nothing to fess up to, Chuck..My w2K works the same way at home..
  connect, get a number..disconnect and reconnect , get a
  different number..
  Linksys routers are pretty simple devices...I have two of them
  currently
  and
  both give out dhcp on different subnets...I can get an address
  from
  either one
  by t

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Larry Letterman]

Nothing to fess up to, Chuck..My w2K works the same way at home..
connect, get a number..disconnect and reconnect , get a different number..
Linksys routers are pretty simple devices...I have two of them currently 
and
both give out dhcp on different subnets...I can get an address from 
either one
by the above functionno mobile ip..no special setup..just like 
Darrell said...

Larry

Chuck's Long Road wrote:

well S*** Larry, thanks for providing that vital piece of troubleshooting
relevant information!

I still say you are using Mobile IP.

fess up ;-

Chuck

--

www.chuckslongroad.info
like my web site?
take the survey!



Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

thats why we put in wireless in all our buildings..moving around is no
problem...

Priscilla Oppenheimer wrote:

Darrell Newcomb wrote:

Because pre-W2K windows didn't automatically try to renew a
lease when the
ethernet interface comes back up after being down.  So...if the
old lease
hadn't come up for renewal during the time the machine moved

from point A to

B.the users don't automatically get connectivity.

Plus with laptops, the user expects to not have to reboot. They may just
move from building to building without shutting down the laptop. It might

go

to sleep, but you should just be able to hit a button and keep working.

It

seems like a reasonable user expectation, but alas, we as networkers

haven't

done a good job in this area. (at least with IP)

The technical issue is that the user is in a different subnet and needs a
new IP address and default gateway after moving to a new building,

location,

whatever.

Priscilla

Lots of options to teach the helpdesk how to educate
usersbut since it
'worked before' in Chuck's case it's seen as a (big?)
problem(PITA).

Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

why is that ? we have segmented avvid network across our

campus. The

laptops are all W2K and they work just
fine without any issues on DHCP...The routers are all running

hsrp and

work correctly..

Chuck's Long Road wrote:

I see I should have made this one a Friday Folly :-

In a Big Flat Bridged Network, a mobile user unplugs the

laptop at one

office, drives over to the next office, plugs back in, and

no further
action

is required. The Windoze PC has retained it's IP address,

and the network

doesn't care about location, because it is one big flat

network.

However, in the brand new ATM based AVVID ready routed

network, said
mobile

user is now in a different segment in each location. With

Windoze, you
have

to manually intervene. Sometimes you have to release the IP

address,
reload

the computer, and then get your new DHCP assignment. Users

don't like
this.

After all, now they have to do something, whereas before

they did not.
Never

mind the higher speed, the failover capability of the

routers, the new
100

mbs switches rather than 10mbs. They have to take an extra

step or two in

order to log in.

This is normal behaviour for Windoze machines, and maybe for

DHCP clients
in

general. I have had to do this release / renew for years.

But to the customer, who is pretty naive in terms of

networking, there is
a

problem that was caused by the new routers.  To the users,

there is a

problem that never existed before.

Like I said, serves me right. You give a customer a great

new network,
and

you break something so rudimentary that it never would have

occurred

otherwise. :-

--

www.chuckslongroad.info
like my web site?
take the survey!



Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

Spare us the mystery and tell us what you're getting at.

:-) Did  you

forget

to tell the DHCP server to provide the correct default

gateway address
to

the PCs? That's my guess, since you say everything else

like helper

addresses, etc. is configured correctly.  Just a late-night

theory,

waiting

for Jay Leno to come on.

Thanks,

Priscilla

Chuck's Long Road wrote:

The AVVID solution I sold a few months ago is gong through
implementation.
This project has been problematic for a lot of reasons, so

it

is not unusual
for a round of e-mails from the customer complaining about

one

thing or
another.

Today was a good one, however. Shows to go you have to ask
things you
normally wouldn't think about.

DHCP - no big deal. Works fine. All of us have probably

used it

or
configured it. All of us probably have experience with

running

several small
sites off a single DHCP server at a central site.

So why is the customer complaining about DHCP not working,

and

it's because
our routers are screwed up and Microsoft told them that

they

would have to
change their network addressing to a single class B rather

than

subnets of
/16 space, the way I designed it?

The routers are configured correctly. The network is

designed

correctly - no
overlapping subnets. IP helpering

RE: OT: Serves Me Right - DHCP problem [7:54402]

[Evans, TJ]

Strangely, they also detect 'cable reconnects' and attempt to re-IP (via
DHCP, or autoconfig if enabled) you at that time.


Thanks!
TJ


-Original Message-
From: Larry Letterman [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, October 01, 2002 1:20 PM
To: [EMAIL PROTECTED]
Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]

Nothing to fess up to, Chuck..My w2K works the same way at home..
connect, get a number..disconnect and reconnect , get a different number..
Linksys routers are pretty simple devices...I have two of them currently 
and
both give out dhcp on different subnets...I can get an address from 
either one
by the above functionno mobile ip..no special setup..just like 
Darrell said...

Larry

Chuck's Long Road wrote:

well S*** Larry, thanks for providing that vital piece of troubleshooting
relevant information!

I still say you are using Mobile IP.

fess up ;-

Chuck

--

www.chuckslongroad.info
like my web site?
take the survey!



Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

thats why we put in wireless in all our buildings..moving around is no
problem...

Priscilla Oppenheimer wrote:

Darrell Newcomb wrote:

Because pre-W2K windows didn't automatically try to renew a
lease when the
ethernet interface comes back up after being down.  So...if the
old lease
hadn't come up for renewal during the time the machine moved

from point A to

B.the users don't automatically get connectivity.

Plus with laptops, the user expects to not have to reboot. They may just
move from building to building without shutting down the laptop. It might

go

to sleep, but you should just be able to hit a button and keep working.

It

seems like a reasonable user expectation, but alas, we as networkers

haven't

done a good job in this area. (at least with IP)

The technical issue is that the user is in a different subnet and needs a
new IP address and default gateway after moving to a new building,

location,

whatever.

Priscilla

Lots of options to teach the helpdesk how to educate
usersbut since it
'worked before' in Chuck's case it's seen as a (big?)
problem(PITA).

Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

why is that ? we have segmented avvid network across our

campus. The

laptops are all W2K and they work just
fine without any issues on DHCP...The routers are all running

hsrp and

work correctly..

Chuck's Long Road wrote:

I see I should have made this one a Friday Folly :-

In a Big Flat Bridged Network, a mobile user unplugs the

laptop at one

office, drives over to the next office, plugs back in, and

no further
action

is required. The Windoze PC has retained it's IP address,

and the network

doesn't care about location, because it is one big flat

network.

However, in the brand new ATM based AVVID ready routed

network, said
mobile

user is now in a different segment in each location. With

Windoze, you
have

to manually intervene. Sometimes you have to release the IP

address,
reload

the computer, and then get your new DHCP assignment. Users

don't like
this.

After all, now they have to do something, whereas before

they did not.
Never

mind the higher speed, the failover capability of the

routers, the new
100

mbs switches rather than 10mbs. They have to take an extra

step or two in

order to log in.

This is normal behaviour for Windoze machines, and maybe for

DHCP clients
in

general. I have had to do this release / renew for years.

But to the customer, who is pretty naive in terms of

networking, there is
a

problem that was caused by the new routers.  To the users,

there is a

problem that never existed before.

Like I said, serves me right. You give a customer a great

new network,
and

you break something so rudimentary that it never would have

occurred

otherwise. :-

--

www.chuckslongroad.info
like my web site?
take the survey!



Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

Spare us the mystery and tell us what you're getting at.

:-) Did  you

forget

to tell the DHCP server to provide the correct default

gateway address
to

the PCs? That's my guess, since you say everything else

like helper

addresses, etc. is configured correctly.  Just a late-night

theory,

waiting

for Jay Leno to come on.

Thanks,

Priscilla

Chuck's Long Road wrote:

The AVVID solution I sold a few months ago is gong through
implementation.
This project has been problematic for a lot of reasons, so

it

is not unusual
for a round of e-mails from the customer complaining about

one

thing or
another.

Today was a good one, however. Shows to go you have to ask
things you
normally wouldn't think about.

DHCP - no big deal. Works fine. All of us have probably

used it

or
configured it. All of us probably have experience with

running

several small
sites off a single DHCP server at a central site.

So why is the customer complaining about DHCP

RE: OT: Serves Me Right - DHCP problem [7:54402]

[Evans, TJ]

Hmm ... that email seemed to make more sense when I sent it ...
Let's try this again-


IIRC - Win2k and later detect 'cable disconnects', and de-IP your system.
Strangely, they also detect 'cable reconnects' and attempt to re-IP (via
DHCP, or autoconfig if enabled) you at that time.




-Original Message-
From: Evans, TJ [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, October 01, 2002 1:49 PM
To: [EMAIL PROTECTED]
Subject: RE: OT: Serves Me Right - DHCP problem [7:54402]

Strangely, they also detect 'cable reconnects' and attempt to re-IP (via
DHCP, or autoconfig if enabled) you at that time.


Thanks!
TJ


-Original Message-
From: Larry Letterman [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, October 01, 2002 1:20 PM
To: [EMAIL PROTECTED]
Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]

Nothing to fess up to, Chuck..My w2K works the same way at home..
connect, get a number..disconnect and reconnect , get a different number..
Linksys routers are pretty simple devices...I have two of them currently 
and
both give out dhcp on different subnets...I can get an address from 
either one
by the above functionno mobile ip..no special setup..just like 
Darrell said...

Larry

Chuck's Long Road wrote:

well S*** Larry, thanks for providing that vital piece of troubleshooting
relevant information!

I still say you are using Mobile IP.

fess up ;-

Chuck

--

www.chuckslongroad.info
like my web site?
take the survey!



Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

thats why we put in wireless in all our buildings..moving around is no
problem...

Priscilla Oppenheimer wrote:

Darrell Newcomb wrote:

Because pre-W2K windows didn't automatically try to renew a
lease when the
ethernet interface comes back up after being down.  So...if the
old lease
hadn't come up for renewal during the time the machine moved

from point A to

B.the users don't automatically get connectivity.

Plus with laptops, the user expects to not have to reboot. They may just
move from building to building without shutting down the laptop. It might

go

to sleep, but you should just be able to hit a button and keep working.

It

seems like a reasonable user expectation, but alas, we as networkers

haven't

done a good job in this area. (at least with IP)

The technical issue is that the user is in a different subnet and needs a
new IP address and default gateway after moving to a new building,

location,

whatever.

Priscilla

Lots of options to teach the helpdesk how to educate
usersbut since it
'worked before' in Chuck's case it's seen as a (big?)
problem(PITA).

Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

why is that ? we have segmented avvid network across our

campus. The

laptops are all W2K and they work just
fine without any issues on DHCP...The routers are all running

hsrp and

work correctly..

Chuck's Long Road wrote:

I see I should have made this one a Friday Folly :-

In a Big Flat Bridged Network, a mobile user unplugs the

laptop at one

office, drives over to the next office, plugs back in, and

no further
action

is required. The Windoze PC has retained it's IP address,

and the network

doesn't care about location, because it is one big flat

network.

However, in the brand new ATM based AVVID ready routed

network, said
mobile

user is now in a different segment in each location. With

Windoze, you
have

to manually intervene. Sometimes you have to release the IP

address,
reload

the computer, and then get your new DHCP assignment. Users

don't like
this.

After all, now they have to do something, whereas before

they did not.
Never

mind the higher speed, the failover capability of the

routers, the new
100

mbs switches rather than 10mbs. They have to take an extra

step or two in

order to log in.

This is normal behaviour for Windoze machines, and maybe for

DHCP clients
in

general. I have had to do this release / renew for years.

But to the customer, who is pretty naive in terms of

networking, there is
a

problem that was caused by the new routers.  To the users,

there is a

problem that never existed before.

Like I said, serves me right. You give a customer a great

new network,
and

you break something so rudimentary that it never would have

occurred

otherwise. :-

--

www.chuckslongroad.info
like my web site?
take the survey!



Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

Spare us the mystery and tell us what you're getting at.

:-) Did  you

forget

to tell the DHCP server to provide the correct default

gateway address
to

the PCs? That's my guess, since you say everything else

like helper

addresses, etc. is configured correctly.  Just a late-night

theory,

waiting

for Jay Leno to come on.

Thanks,

Priscilla

Chuck's Long Road wrote:

The AVVID solution I sold a few months ago is gong through
implementation.
This project has be

RE: OT: Serves Me Right - DHCP problem [7:54402]

[Priscilla Oppenheimer]

Evans, TJ wrote:
 
 IIRC:
   Win2k and later detect 'cable disconnects', and de-IP your
 system.
 
 Strangely, they also detect 'cable reconnects' and attempt to
 re-IP (via
 DHCP, or autoconfig if enabled) you at that time.

Not to beat this to death, but that must indeed be the explanation. W2K and
XP recognize when the user connects the Ethernet cable and resend a DHCP
request, assuming DHCP is being used. So when the PC is moved to a new
location and new subnet, it gets a proper address without any user twidling
beyond inserting the cable. This seems too smart for Windoze, but I can't
think of any other explanataion.

So, Chuck's users are using W2K and XP. What could they be doing wrong??

Also, of course, this doesn't solve the problem for wireless users. That's
not what Chuck was asking about, but it's still an interesting issue. They
could benefit from Mobile IP. (I really want to recommend that. ;-)

The reason I say that the cable insertion theory is the explanation is that
there's no other way for the operating system and protocol stack to know
that it needs to send a new DHCP request. Remember, we're talking about
laptops that haven't been shut down. (Maybe they go to sleep though? Awaking
from sleep might also cause a new DHCP request?)

The PC can't tell that it's on a different network by just looking at
packets. Even though it could see the IP addresses being used by other
devices, it couldn't know the subnet mask and default gateway to use.

Contrast this with AppleTalk, which solved this problem years ago.   ;-) An
AppleTalk end node hears the incessant RTMPs coming from routers. Not only
does the end node learn the address of a gateway to use from that, but it
also learns its own network number because the local net number is always
the first one in the RTMP packet. Of course, the tradeoff was those
incessant RTMPs. ;-) But moving a Mac to a new network has always been
pretty straightforward, despite a rather annoying message that comes up and
confuses users.

___

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com
 
 
 Thanks!
 TJ
 
 
 -Original Message-
 From: Larry Letterman [mailto:[EMAIL PROTECTED]] 
 Sent: Tuesday, October 01, 2002 1:20 PM
 To: [EMAIL PROTECTED]
 Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]
 
 Nothing to fess up to, Chuck..My w2K works the same way at
 home..
 connect, get a number..disconnect and reconnect , get a
 different number..
 Linksys routers are pretty simple devices...I have two of them
 currently
 and
 both give out dhcp on different subnets...I can get an address
 from
 either one
 by the above functionno mobile ip..no special setup..just
 like
 Darrell said...
 
 Larry
 
 Chuck's Long Road wrote:
 
 well S*** Larry, thanks for providing that vital piece of
 troubleshooting
 relevant information!
 
 I still say you are using Mobile IP.
 
 fess up ;-
 
 Chuck
 
 --
 
 www.chuckslongroad.info
 like my web site?
 take the survey!
 
 
 
 Larry Letterman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 
 thats why we put in wireless in all our buildings..moving
 around is no
 problem...
 
 Priscilla Oppenheimer wrote:
 
 Darrell Newcomb wrote:
 
 Because pre-W2K windows didn't automatically try to renew a
 lease when the
 ethernet interface comes back up after being down.  So...if
 the
 old lease
 hadn't come up for renewal during the time the machine moved
 
 from point A to
 
 B.the users don't automatically get connectivity.
 
 Plus with laptops, the user expects to not have to reboot.
 They may just
 move from building to building without shutting down the
 laptop. It might
 
 go
 
 to sleep, but you should just be able to hit a button and
 keep working.
 
 It
 
 seems like a reasonable user expectation, but alas, we as
 networkers
 
 haven't
 
 done a good job in this area. (at least with IP)
 
 The technical issue is that the user is in a different
 subnet and needs a
 new IP address and default gateway after moving to a new
 building,
 
 location,
 
 whatever.
 
 Priscilla
 
 Lots of options to teach the helpdesk how to educate
 usersbut since it
 'worked before' in Chuck's case it's seen as a (big?)
 problem(PITA).
 
 Larry Letterman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 
 why is that ? we have segmented avvid network across our
 
 campus. The
 
 laptops are all W2K and they work just
 fine without any issues on DHCP...The routers are all
 running
 
 hsrp and
 
 work correctly..
 
 Chuck's Long Road wrote:
 
 I see I should have made this one a Friday Folly :-
 
 In a Big Flat Bridged Network, a mobile user unplugs the
 
 laptop at one
 
 office, drives over to the next office, plugs back in, and
 
 no further
 action
 
 is required. The Windoze PC has retained it's IP address,
 
 and the network
 
 doesn't care about location, because it is one big flat
 
 network.
 
 However, in the brand new ATM b

RE: OT: Serves Me Right - DHCP problem [7:54402]

[Logan, Harold]

This may seem like too simple of a solution (no such thing though right?)
But my approach to this problem for a consulting client who floats from
network to network with a wireless NIC was to just make him a batch file and
put a shortcut to it on his desktop. The batch file has two commands in it:

ipconfig/release
ipconfig/renew
(naturally, a win98 machine needs ipconfig/release_all and
ipconfig/renew_all)

And I told him to double-click that icon if he ever wasn't getting network
traffic. Of course, I got the usual end user questions - why do I have to do
this, isn't there a way that I can go from work to home and not have to
click this icon, etc... I told him his other option was to get billed for me
to make an on-site visit to do the same thing, and it hasn't been an issue
since.

 -Original Message-
 From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, October 01, 2002 2:55 PM
 To: [EMAIL PROTECTED]
 Subject: RE: OT: Serves Me Right - DHCP problem [7:54402]
 
 
 Evans, TJ wrote:
  
  IIRC:
  Win2k and later detect 'cable disconnects', and de-IP your
  system.
  
  Strangely, they also detect 'cable reconnects' and attempt to
  re-IP (via
  DHCP, or autoconfig if enabled) you at that time.
 
 Not to beat this to death, but that must indeed be the 
 explanation. W2K and
 XP recognize when the user connects the Ethernet cable and 
 resend a DHCP
 request, assuming DHCP is being used. So when the PC is moved to a new
 location and new subnet, it gets a proper address without any 
 user twidling
 beyond inserting the cable. This seems too smart for Windoze, 
 but I can't
 think of any other explanataion.
 
 So, Chuck's users are using W2K and XP. What could they be 
 doing wrong??
 
 Also, of course, this doesn't solve the problem for wireless 
 users. That's
 not what Chuck was asking about, but it's still an 
 interesting issue. They
 could benefit from Mobile IP. (I really want to recommend that. ;-)
 
 The reason I say that the cable insertion theory is the 
 explanation is that
 there's no other way for the operating system and protocol 
 stack to know
 that it needs to send a new DHCP request. Remember, we're 
 talking about
 laptops that haven't been shut down. (Maybe they go to sleep 
 though? Awaking
 from sleep might also cause a new DHCP request?)
 
 The PC can't tell that it's on a different network by just looking at
 packets. Even though it could see the IP addresses being used by other
 devices, it couldn't know the subnet mask and default gateway to use.
 
 Contrast this with AppleTalk, which solved this problem years 
 ago.   ;-) An
 AppleTalk end node hears the incessant RTMPs coming from 
 routers. Not only
 does the end node learn the address of a gateway to use from 
 that, but it
 also learns its own network number because the local net 
 number is always
 the first one in the RTMP packet. Of course, the tradeoff was those
 incessant RTMPs. ;-) But moving a Mac to a new network has always been
 pretty straightforward, despite a rather annoying message 
 that comes up and
 confuses users.
 
 ___
 
 Priscilla Oppenheimer
 www.troubleshootingnetworks.com
 www.priscilla.com
  
  
  Thanks!
  TJ
  
  
  -Original Message-
  From: Larry Letterman [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, October 01, 2002 1:20 PM
  To: [EMAIL PROTECTED]
  Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]
  
  Nothing to fess up to, Chuck..My w2K works the same way at
  home..
  connect, get a number..disconnect and reconnect , get a
  different number..
  Linksys routers are pretty simple devices...I have two of them
  currently
  and
  both give out dhcp on different subnets...I can get an address
  from
  either one
  by the above functionno mobile ip..no special setup..just
  like
  Darrell said...
  
  Larry
  
  Chuck's Long Road wrote:
  
  well S*** Larry, thanks for providing that vital piece of
  troubleshooting
  relevant information!
  
  I still say you are using Mobile IP.
  
  fess up ;-
  
  Chuck
  
  --
  
  www.chuckslongroad.info
  like my web site?
  take the survey!
  
  
  
  Larry Letterman  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  
  thats why we put in wireless in all our buildings..moving
  around is no
  problem...
  
  Priscilla Oppenheimer wrote:
  
  Darrell Newcomb wrote:
  
  Because pre-W2K windows didn't automatically try to renew a
  lease when the
  ethernet interface comes back up after being down.  So...if
  the
  old lease
  hadn't come up for renewal during the time the machine moved
  
  from point A to
  
  B.the users don't automatically get connectivity.
  
  Plus with laptops, the user expects to not have to reboot.
  They may just
  move from building to building without shutting down the
  laptop. It might
  
  go
  
  to sleep, but you should just be able to hit a button and
  keep working.
  
  It
  
  seems like a reasonable user exp

Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54661]

[Chuck's Long Road]

fortunately, smarter people than I took the troubleshooting.

The problem was this:

The Network Admin decided to use a DHCP super scope on the Win2K server,
with several DHCP subscopes ( one for each office ) underneath.

He had understood that the purpose of the superscope was to  pass values
common to all subscopes - things like NTP server, DNS server, SMTP server -
while things like the default gateway would remain with the sub scopes.

Turns out this was a misunderstanding. The superscope ( apparently, if I
understand what I am being told ) is only for segments where there are
numbers of subnets on the same wire. This actually might explain why
Microsoft tech support misunderstood what was happening, and gave the
seemingly ludicrous advice to revert back to a Big Flat Bridged Network.
They were actually saying something else, but we misinterpreted.

As of today, the customer is testing, without the superscope in place, and
all appears well. Win2K and WinXP workstations are mobile, and are behaving
the way many of you described as proper.

See- the problem is always a server problem. It's NEVER the routers ;-

Chuck


Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Evans, TJ wrote:
 
  IIRC:
  Win2k and later detect 'cable disconnects', and de-IP your
  system.
 
  Strangely, they also detect 'cable reconnects' and attempt to
  re-IP (via
  DHCP, or autoconfig if enabled) you at that time.

 Not to beat this to death, but that must indeed be the explanation. W2K
and
 XP recognize when the user connects the Ethernet cable and resend a DHCP
 request, assuming DHCP is being used. So when the PC is moved to a new
 location and new subnet, it gets a proper address without any user
twidling
 beyond inserting the cable. This seems too smart for Windoze, but I can't
 think of any other explanataion.

 So, Chuck's users are using W2K and XP. What could they be doing wrong??

 Also, of course, this doesn't solve the problem for wireless users. That's
 not what Chuck was asking about, but it's still an interesting issue. They
 could benefit from Mobile IP. (I really want to recommend that. ;-)

 The reason I say that the cable insertion theory is the explanation is
that
 there's no other way for the operating system and protocol stack to know
 that it needs to send a new DHCP request. Remember, we're talking about
 laptops that haven't been shut down. (Maybe they go to sleep though?
Awaking
 from sleep might also cause a new DHCP request?)

 The PC can't tell that it's on a different network by just looking at
 packets. Even though it could see the IP addresses being used by other
 devices, it couldn't know the subnet mask and default gateway to use.

 Contrast this with AppleTalk, which solved this problem years ago.   ;-)
An
 AppleTalk end node hears the incessant RTMPs coming from routers. Not only
 does the end node learn the address of a gateway to use from that, but it
 also learns its own network number because the local net number is always
 the first one in the RTMP packet. Of course, the tradeoff was those
 incessant RTMPs. ;-) But moving a Mac to a new network has always been
 pretty straightforward, despite a rather annoying message that comes up
and
 confuses users.

 ___

 Priscilla Oppenheimer
 www.troubleshootingnetworks.com
 www.priscilla.com
 
 
  Thanks!
  TJ
 
 
  -Original Message-
  From: Larry Letterman [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, October 01, 2002 1:20 PM
  To: [EMAIL PROTECTED]
  Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]
 
  Nothing to fess up to, Chuck..My w2K works the same way at
  home..
  connect, get a number..disconnect and reconnect , get a
  different number..
  Linksys routers are pretty simple devices...I have two of them
  currently
  and
  both give out dhcp on different subnets...I can get an address
  from
  either one
  by the above functionno mobile ip..no special setup..just
  like
  Darrell said...
 
  Larry
 
  Chuck's Long Road wrote:
 
  well S*** Larry, thanks for providing that vital piece of
  troubleshooting
  relevant information!
  
  I still say you are using Mobile IP.
  
  fess up ;-
  
  Chuck
  
  --
  
  www.chuckslongroad.info
  like my web site?
  take the survey!
  
  
  
  Larry Letterman  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  
  thats why we put in wireless in all our buildings..moving
  around is no
  problem...
  
  Priscilla Oppenheimer wrote:
  
  Darrell Newcomb wrote:
  
  Because pre-W2K windows didn't automatically try to renew a
  lease when the
  ethernet interface comes back up after being down.  So...if
  the
  old lease
  hadn't come up for renewal during the time the machine moved
  
  from point A to
  
  B.the users don't automatically get connectivity.
  
  Plus with laptops, the user expects to not have to reboot.
  They may just
  move from building to building witho

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Darrell Newcomb]

Kevin Wigle  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

 W2K/XP does that automatically.  If you have the icon turned on in the
 system tray for the nic, you will see when the cable is unplugged and when
 it is plugged in again. (you don't need it turned on to work)

 this has been stated somewhere before in this thread.

That was me trying to keep everyone's perspective of the pre-w2k clients on
the described network.  But I didn't realize there were problems with w2k
clients as well at that point.

 But Chuck says he has W2K/XP and it isn't working. (for everybody).  Why
is
 it working for some and not others?
 In our lab we sometimes punch a PC from one segment to another.  When it
 doesn't work we just unplug and replug and it usually works the 2nd time.


Oh I didn't catch that part of the problem description.  I thought the users
were all 98/NT4.  If that were so, it would be perfectly expected what's
happening.

 Sounds like it's time to get the sniffer working.

Yes it really does sound like time to look at L2 and the ACTUAL details of
this situation.  Could be a variety of things but the packet capture should
show the cards.

After solving those though there is still the pre-w2k clients which aren't
disappearing tomorrow.  IMHO the traditional way to handle this before many
clients did the automatic renewal upon link up was to:
a)make the mobile access ports on one VLAN per building(or conveniently
close geographic footprint)
b)with caution tune lease times downward for those access VLANs to roughly
the time it would take to travel from one building/campus to another
Some folks also:
-got fancy with meeting the concept behind A and did things based upon mac
prefixes.
-just educated folks to release and acquire a new address or reboot(doesn't
help Chuck's situation much)

Darrell
Service Advisor
http://www.netswitch.net




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54576t=54402
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Priscilla Oppenheimer]

Darrell Newcomb wrote:
 
 Because pre-W2K windows didn't automatically try to renew a
 lease when the
 ethernet interface comes back up after being down.  So...if the
 old lease
 hadn't come up for renewal during the time the machine moved
 from point A to
 B.the users don't automatically get connectivity.

Plus with laptops, the user expects to not have to reboot. They may just
move from building to building without shutting down the laptop. It might go
to sleep, but you should just be able to hit a button and keep working. It
seems like a reasonable user expectation, but alas, we as networkers haven't
done a good job in this area. (at least with IP)

The technical issue is that the user is in a different subnet and needs a
new IP address and default gateway after moving to a new building, location,
whatever.

Priscilla

 
 Lots of options to teach the helpdesk how to educate
 usersbut since it
 'worked before' in Chuck's case it's seen as a (big?)
 problem(PITA).
 
 Larry Letterman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  why is that ? we have segmented avvid network across our
 campus. The
  laptops are all W2K and they work just
  fine without any issues on DHCP...The routers are all running
 hsrp and
  work correctly..
 
  Chuck's Long Road wrote:
 
  I see I should have made this one a Friday Folly :-
  
  In a Big Flat Bridged Network, a mobile user unplugs the
 laptop at one
  office, drives over to the next office, plugs back in, and
 no further
 action
  is required. The Windoze PC has retained it's IP address,
 and the network
  doesn't care about location, because it is one big flat
 network.
  
  However, in the brand new ATM based AVVID ready routed
 network, said
 mobile
  user is now in a different segment in each location. With
 Windoze, you
 have
  to manually intervene. Sometimes you have to release the IP
 address,
 reload
  the computer, and then get your new DHCP assignment. Users
 don't like
 this.
  After all, now they have to do something, whereas before
 they did not.
 Never
  mind the higher speed, the failover capability of the
 routers, the new
 100
  mbs switches rather than 10mbs. They have to take an extra
 step or two in
  order to log in.
  
  This is normal behaviour for Windoze machines, and maybe for
 DHCP clients
 in
  general. I have had to do this release / renew for years.
  
  But to the customer, who is pretty naive in terms of
 networking, there is
 a
  problem that was caused by the new routers.  To the users,
 there is a
  problem that never existed before.
  
  Like I said, serves me right. You give a customer a great
 new network,
 and
  you break something so rudimentary that it never would have
 occurred
  otherwise. :-
  
  --
  
  www.chuckslongroad.info
  like my web site?
  take the survey!
  
  
  
  Priscilla Oppenheimer  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  
  Spare us the mystery and tell us what you're getting at.
 :-) Did  you
  
  forget
  
  to tell the DHCP server to provide the correct default
 gateway address
 to
  the PCs? That's my guess, since you say everything else
 like helper
  addresses, etc. is configured correctly.  Just a late-night
 theory,
  
  waiting
  
  for Jay Leno to come on.
  
  Thanks,
  
  Priscilla
  
  Chuck's Long Road wrote:
  
  The AVVID solution I sold a few months ago is gong through
  implementation.
  This project has been problematic for a lot of reasons, so
 it
  is not unusual
  for a round of e-mails from the customer complaining about
 one
  thing or
  another.
  
  Today was a good one, however. Shows to go you have to ask
  things you
  normally wouldn't think about.
  
  DHCP - no big deal. Works fine. All of us have probably
 used it
  or
  configured it. All of us probably have experience with
 running
  several small
  sites off a single DHCP server at a central site.
  
  So why is the customer complaining about DHCP not working,
 and
  it's because
  our routers are screwed up and Microsoft told them that
 they
  would have to
  change their network addressing to a single class B rather
 than
  subnets of
  /16 space, the way I designed it?
  
  The routers are configured correctly. The network is
 designed
  correctly - no
  overlapping subnets. IP helpering is configured correctly.
  
  Problem occurs with several users, different NIC's, either
  Win2K or WinXP.
  No one common factor. Worked just fine before we put the
 new
  routers in.
  
  Recognizing that Microsoft is full of C**P and their TCP
 stack
  is S**T,
  still, why the problem.
  
  Gee, what happens to DHCP when you go from a single flat
  bridged network to
  a segmented routed network? Especially to mobile users, who
  travel from site
  to site for various reasons on a regular basis?
  
  Serves me right
  
  Chuck
  
  --
  
  www.chuckslongroad.info
  like my web site?
  take the survey!
  --
 
  Larry Letterman
  Network Engineer
  C

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Larry Letterman]

thats why we put in wireless in all our buildings..moving around is no 
problem...

Priscilla Oppenheimer wrote:

Darrell Newcomb wrote:

Because pre-W2K windows didn't automatically try to renew a
lease when the
ethernet interface comes back up after being down.  So...if the
old lease
hadn't come up for renewal during the time the machine moved
from point A to
B.the users don't automatically get connectivity.


Plus with laptops, the user expects to not have to reboot. They may just
move from building to building without shutting down the laptop. It might go
to sleep, but you should just be able to hit a button and keep working. It
seems like a reasonable user expectation, but alas, we as networkers haven't
done a good job in this area. (at least with IP)

The technical issue is that the user is in a different subnet and needs a
new IP address and default gateway after moving to a new building, location,
whatever.

Priscilla

Lots of options to teach the helpdesk how to educate
usersbut since it
'worked before' in Chuck's case it's seen as a (big?)
problem(PITA).

Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

why is that ? we have segmented avvid network across our

campus. The

laptops are all W2K and they work just
fine without any issues on DHCP...The routers are all running

hsrp and

work correctly..

Chuck's Long Road wrote:

I see I should have made this one a Friday Folly :-

In a Big Flat Bridged Network, a mobile user unplugs the

laptop at one

office, drives over to the next office, plugs back in, and

no further
action

is required. The Windoze PC has retained it's IP address,

and the network

doesn't care about location, because it is one big flat

network.

However, in the brand new ATM based AVVID ready routed

network, said
mobile

user is now in a different segment in each location. With

Windoze, you
have

to manually intervene. Sometimes you have to release the IP

address,
reload

the computer, and then get your new DHCP assignment. Users

don't like
this.

After all, now they have to do something, whereas before

they did not.
Never

mind the higher speed, the failover capability of the

routers, the new
100

mbs switches rather than 10mbs. They have to take an extra

step or two in

order to log in.

This is normal behaviour for Windoze machines, and maybe for

DHCP clients
in

general. I have had to do this release / renew for years.

But to the customer, who is pretty naive in terms of

networking, there is
a

problem that was caused by the new routers.  To the users,

there is a

problem that never existed before.

Like I said, serves me right. You give a customer a great

new network,
and

you break something so rudimentary that it never would have

occurred

otherwise. :-

--

www.chuckslongroad.info
like my web site?
take the survey!



Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

Spare us the mystery and tell us what you're getting at.

:-) Did  you

forget

to tell the DHCP server to provide the correct default

gateway address
to

the PCs? That's my guess, since you say everything else

like helper

addresses, etc. is configured correctly.  Just a late-night

theory,

waiting

for Jay Leno to come on.

Thanks,

Priscilla

Chuck's Long Road wrote:

The AVVID solution I sold a few months ago is gong through
implementation.
This project has been problematic for a lot of reasons, so

it

is not unusual
for a round of e-mails from the customer complaining about

one

thing or
another.

Today was a good one, however. Shows to go you have to ask
things you
normally wouldn't think about.

DHCP - no big deal. Works fine. All of us have probably

used it

or
configured it. All of us probably have experience with

running

several small
sites off a single DHCP server at a central site.

So why is the customer complaining about DHCP not working,

and

it's because
our routers are screwed up and Microsoft told them that

they

would have to
change their network addressing to a single class B rather

than

subnets of
/16 space, the way I designed it?

The routers are configured correctly. The network is

designed

correctly - no
overlapping subnets. IP helpering is configured correctly.

Problem occurs with several users, different NIC's, either
Win2K or WinXP.
No one common factor. Worked just fine before we put the

new

routers in.

Recognizing that Microsoft is full of C**P and their TCP

stack

is S**T,
still, why the problem.

Gee, what happens to DHCP when you go from a single flat
bridged network to
a segmented routed network? Especially to mobile users, who
travel from site
to site for various reasons on a regular basis?

Serves me right

Chuck

--

www.chuckslongroad.info
like my web site?
take the survey!

--

Larry Letterman
Network Engineer
Cisco Systems Inc.
-- 

Larry Letterman
Network Engineer
Cisco Systems Inc.




Message Posted at:
http://www.groupstudy.com/fo

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Chuck's Long Road]

well S*** Larry, thanks for providing that vital piece of troubleshooting
relevant information!

I still say you are using Mobile IP.

fess up ;-

Chuck

--

www.chuckslongroad.info
like my web site?
take the survey!



Larry Letterman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 thats why we put in wireless in all our buildings..moving around is no
 problem...

 Priscilla Oppenheimer wrote:

 Darrell Newcomb wrote:
 
 Because pre-W2K windows didn't automatically try to renew a
 lease when the
 ethernet interface comes back up after being down.  So...if the
 old lease
 hadn't come up for renewal during the time the machine moved
 from point A to
 B.the users don't automatically get connectivity.
 
 
 Plus with laptops, the user expects to not have to reboot. They may just
 move from building to building without shutting down the laptop. It might
go
 to sleep, but you should just be able to hit a button and keep working.
It
 seems like a reasonable user expectation, but alas, we as networkers
haven't
 done a good job in this area. (at least with IP)
 
 The technical issue is that the user is in a different subnet and needs a
 new IP address and default gateway after moving to a new building,
location,
 whatever.
 
 Priscilla
 
 Lots of options to teach the helpdesk how to educate
 usersbut since it
 'worked before' in Chuck's case it's seen as a (big?)
 problem(PITA).
 
 Larry Letterman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 
 why is that ? we have segmented avvid network across our
 
 campus. The
 
 laptops are all W2K and they work just
 fine without any issues on DHCP...The routers are all running
 
 hsrp and
 
 work correctly..
 
 Chuck's Long Road wrote:
 
 I see I should have made this one a Friday Folly :-
 
 In a Big Flat Bridged Network, a mobile user unplugs the
 
 laptop at one
 
 office, drives over to the next office, plugs back in, and
 
 no further
 action
 
 is required. The Windoze PC has retained it's IP address,
 
 and the network
 
 doesn't care about location, because it is one big flat
 
 network.
 
 However, in the brand new ATM based AVVID ready routed
 
 network, said
 mobile
 
 user is now in a different segment in each location. With
 
 Windoze, you
 have
 
 to manually intervene. Sometimes you have to release the IP
 
 address,
 reload
 
 the computer, and then get your new DHCP assignment. Users
 
 don't like
 this.
 
 After all, now they have to do something, whereas before
 
 they did not.
 Never
 
 mind the higher speed, the failover capability of the
 
 routers, the new
 100
 
 mbs switches rather than 10mbs. They have to take an extra
 
 step or two in
 
 order to log in.
 
 This is normal behaviour for Windoze machines, and maybe for
 
 DHCP clients
 in
 
 general. I have had to do this release / renew for years.
 
 But to the customer, who is pretty naive in terms of
 
 networking, there is
 a
 
 problem that was caused by the new routers.  To the users,
 
 there is a
 
 problem that never existed before.
 
 Like I said, serves me right. You give a customer a great
 
 new network,
 and
 
 you break something so rudimentary that it never would have
 
 occurred
 
 otherwise. :-
 
 --
 
 www.chuckslongroad.info
 like my web site?
 take the survey!
 
 
 
 Priscilla Oppenheimer  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 
 Spare us the mystery and tell us what you're getting at.
 
 :-) Did  you
 
 forget
 
 to tell the DHCP server to provide the correct default
 
 gateway address
 to
 
 the PCs? That's my guess, since you say everything else
 
 like helper
 
 addresses, etc. is configured correctly.  Just a late-night
 
 theory,
 
 waiting
 
 for Jay Leno to come on.
 
 Thanks,
 
 Priscilla
 
 Chuck's Long Road wrote:
 
 The AVVID solution I sold a few months ago is gong through
 implementation.
 This project has been problematic for a lot of reasons, so
 
 it
 
 is not unusual
 for a round of e-mails from the customer complaining about
 
 one
 
 thing or
 another.
 
 Today was a good one, however. Shows to go you have to ask
 things you
 normally wouldn't think about.
 
 DHCP - no big deal. Works fine. All of us have probably
 
 used it
 
 or
 configured it. All of us probably have experience with
 
 running
 
 several small
 sites off a single DHCP server at a central site.
 
 So why is the customer complaining about DHCP not working,
 
 and
 
 it's because
 our routers are screwed up and Microsoft told them that
 
 they
 
 would have to
 change their network addressing to a single class B rather
 
 than
 
 subnets of
 /16 space, the way I designed it?
 
 The routers are configured correctly. The network is
 
 designed
 
 correctly - no
 overlapping subnets. IP helpering is configured correctly.
 
 Problem occurs with several users, different NIC's, either
 Win2K or WinXP.
 No one common factor. Worked just fine before we put the
 
 new
 
 routers in.
 
 Recognizing that M

RE: OT: Serves Me Right - DHCP problem [7:54402]

[Larry Letterman]

well...when I unplug from my building and re-plug in next door
my win2K laptop re-acquires a new network ip from the new subnet..
Is this not normal ? Its been this way ever since I have had a laptop
on campus...


Larry Letterman
Network Engineer
Cisco Systems Inc.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, September 29, 2002 1:01 PM
To: [EMAIL PROTECTED]
Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]


Darrell Newcomb wrote:

 Because pre-W2K windows didn't automatically try to renew a
 lease when the
 ethernet interface comes back up after being down.  So...if the
 old lease
 hadn't come up for renewal during the time the machine moved
 from point A to
 B.the users don't automatically get connectivity.

Plus with laptops, the user expects to not have to reboot. They may just
move from building to building without shutting down the laptop. It might go
to sleep, but you should just be able to hit a button and keep working. It
seems like a reasonable user expectation, but alas, we as networkers haven't
done a good job in this area. (at least with IP)

The technical issue is that the user is in a different subnet and needs a
new IP address and default gateway after moving to a new building, location,
whatever.

Priscilla


 Lots of options to teach the helpdesk how to educate
 usersbut since it
 'worked before' in Chuck's case it's seen as a (big?)
 problem(PITA).

 Larry Letterman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  why is that ? we have segmented avvid network across our
 campus. The
  laptops are all W2K and they work just
  fine without any issues on DHCP...The routers are all running
 hsrp and
  work correctly..
 
  Chuck's Long Road wrote:
 
  I see I should have made this one a Friday Folly :-
  
  In a Big Flat Bridged Network, a mobile user unplugs the
 laptop at one
  office, drives over to the next office, plugs back in, and
 no further
 action
  is required. The Windoze PC has retained it's IP address,
 and the network
  doesn't care about location, because it is one big flat
 network.
  
  However, in the brand new ATM based AVVID ready routed
 network, said
 mobile
  user is now in a different segment in each location. With
 Windoze, you
 have
  to manually intervene. Sometimes you have to release the IP
 address,
 reload
  the computer, and then get your new DHCP assignment. Users
 don't like
 this.
  After all, now they have to do something, whereas before
 they did not.
 Never
  mind the higher speed, the failover capability of the
 routers, the new
 100
  mbs switches rather than 10mbs. They have to take an extra
 step or two in
  order to log in.
  
  This is normal behaviour for Windoze machines, and maybe for
 DHCP clients
 in
  general. I have had to do this release / renew for years.
  
  But to the customer, who is pretty naive in terms of
 networking, there is
 a
  problem that was caused by the new routers.  To the users,
 there is a
  problem that never existed before.
  
  Like I said, serves me right. You give a customer a great
 new network,
 and
  you break something so rudimentary that it never would have
 occurred
  otherwise. :-
  
  --
  
  www.chuckslongroad.info
  like my web site?
  take the survey!
  
  
  
  Priscilla Oppenheimer  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  
  Spare us the mystery and tell us what you're getting at.
 :-) Did  you
  
  forget
  
  to tell the DHCP server to provide the correct default
 gateway address
 to
  the PCs? That's my guess, since you say everything else
 like helper
  addresses, etc. is configured correctly.  Just a late-night
 theory,
  
  waiting
  
  for Jay Leno to come on.
  
  Thanks,
  
  Priscilla
  
  Chuck's Long Road wrote:
  
  The AVVID solution I sold a few months ago is gong through
  implementation.
  This project has been problematic for a lot of reasons, so
 it
  is not unusual
  for a round of e-mails from the customer complaining about
 one
  thing or
  another.
  
  Today was a good one, however. Shows to go you have to ask
  things you
  normally wouldn't think about.
  
  DHCP - no big deal. Works fine. All of us have probably
 used it
  or
  configured it. All of us probably have experience with
 running
  several small
  sites off a single DHCP server at a central site.
  
  So why is the customer complaining about DHCP not working,
 and
  it's because
  our routers are screwed up and Microsoft told them that
 they
  would have to
  change their network addressing to a single class B rather
 than
  subnets of
  /16 space, the way I designed it?
  
  The routers are configured correctly. The network is
 designed
  correctly - no
  overlapping subnets. IP helpering is configured correctly.
  
  Problem occurs with several users, different NIC's, either
  Win2K or WinXP.
  No one common factor. Worked just fine before we put the
 new
  routers in.
  
  Recognizin

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Kevin Wigle]

this has been stated somewhere before in this thread.

W2K/XP does that automatically.  If you have the icon turned on in the
system tray for the nic, you will see when the cable is unplugged and when
it is plugged in again. (you don't need it turned on to work)

W2K automatically senses that things have changed and will automatically do
the update.

However, Win95/Win98 does not do this.  These clients will have to
release/renew which of course clients aren't used to since the network was
flat.

If that's the way it's always been for you then you must be a youngster OR
no experience with Win9x OR always worked on a flat network.

I work in a large MAN (15,000+) users where we are just finishing migrating
to W2K Pro from NT 4.0 and Win95 (laptops have Win98).  Laptops would only
acquire a new address if the lease they had had expired.  If the lease has
not expired (or approached the first refesh time which is one half of lease)
then they will use the same address.

If they have expired then they will request from DHCP to use the same
address but DHCP will answer NO, and re-issue the proper IP info for that
segment.

But Chuck says he has W2K/XP and it isn't working. (for everybody).  Why is
it working for some and not others?
In our lab we sometimes punch a PC from one segment to another.  When it
doesn't work we just unplug and replug and it usually works the 2nd time.

Sounds like it's time to get the sniffer working.

Kevin Wigle


- Original Message -
From: Larry Letterman 
To: 
Sent: Sunday, September 29, 2002 10:41 PM
Subject: RE: OT: Serves Me Right - DHCP problem [7:54402]


 well...when I unplug from my building and re-plug in next door
 my win2K laptop re-acquires a new network ip from the new subnet..
 Is this not normal ? Its been this way ever since I have had a laptop
 on campus...


 Larry Letterman
 Network Engineer
 Cisco Systems Inc.



 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Sunday, September 29, 2002 1:01 PM
 To: [EMAIL PROTECTED]
 Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]


 Darrell Newcomb wrote:
 
  Because pre-W2K windows didn't automatically try to renew a
  lease when the
  ethernet interface comes back up after being down.  So...if the
  old lease
  hadn't come up for renewal during the time the machine moved
  from point A to
  B.the users don't automatically get connectivity.

 Plus with laptops, the user expects to not have to reboot. They may just
 move from building to building without shutting down the laptop. It might
go
 to sleep, but you should just be able to hit a button and keep working. It
 seems like a reasonable user expectation, but alas, we as networkers
haven't
 done a good job in this area. (at least with IP)

 The technical issue is that the user is in a different subnet and needs a
 new IP address and default gateway after moving to a new building,
location,
 whatever.

 Priscilla

 
  Lots of options to teach the helpdesk how to educate
  usersbut since it
  'worked before' in Chuck's case it's seen as a (big?)
  problem(PITA).
 
  Larry Letterman  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   why is that ? we have segmented avvid network across our
  campus. The
   laptops are all W2K and they work just
   fine without any issues on DHCP...The routers are all running
  hsrp and
   work correctly..
  
   Chuck's Long Road wrote:
  
   I see I should have made this one a Friday Folly :-
   
   In a Big Flat Bridged Network, a mobile user unplugs the
  laptop at one
   office, drives over to the next office, plugs back in, and
  no further
  action
   is required. The Windoze PC has retained it's IP address,
  and the network
   doesn't care about location, because it is one big flat
  network.
   
   However, in the brand new ATM based AVVID ready routed
  network, said
  mobile
   user is now in a different segment in each location. With
  Windoze, you
  have
   to manually intervene. Sometimes you have to release the IP
  address,
  reload
   the computer, and then get your new DHCP assignment. Users
  don't like
  this.
   After all, now they have to do something, whereas before
  they did not.
  Never
   mind the higher speed, the failover capability of the
  routers, the new
  100
   mbs switches rather than 10mbs. They have to take an extra
  step or two in
   order to log in.
   
   This is normal behaviour for Windoze machines, and maybe for
  DHCP clients
  in
   general. I have had to do this release / renew for years.
   
   But to the customer, who is pretty naive in terms of
  networking, there is
  a
   problem that was caused by the new routers.  To the users,
  there is a
   problem that never existed before.
   
   Like I said, serves me right. You give a customer a great
  new network,
  and
   you break something so rudimentary that it never would have
  occurred
   otherwise. :-
   
   --
   
   www.chuckslongroad.info
   like my