RE: Can block DHCP traffic at layer 2 switch? [7:73489]
VACL, VACL, VACL. See here: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_1/confg_gd/ acc_list.htm#26922 It gives you the exact commands to limit DHCP responses to specific server(s). Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Charles D Hammonds [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 10:20 PM To: [EMAIL PROTECTED] Subject: RE: Can block DHCP traffic at layer 2 switch? [7:73489] only thing I would know to do at L2 is port security... just lock it down to pre-identified MACs to prevent users from throwing unauthorized boxes on the network. Charles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 6:23 PM To: [EMAIL PROTECTED] Subject: Can block DHCP traffic at layer 2 switch? [7:73489] Dear All, We have configured DHCP server at the CORE switch and this will assign the ip address to the client located at edge switch. PC---edge switch-GE uplink---CORE---DHCP server (The network is pure Layer 2 network) But we are afraid that some end users will place their own DHCP server at the edge switch so it will interrupt the normal ip address assignment. Any method to block the unauthorized DCHP server? TIA. Lo Ching **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73506t=73489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Can block DHCP traffic at layer 2 switch? [7:73489]
Dear All, We have configured DHCP server at the CORE switch and this will assign the ip address to the client located at edge switch. PC---edge switch-GE uplink---CORE---DHCP server (The network is pure Layer 2 network) But we are afraid that some end users will place their own DHCP server at the edge switch so it will interrupt the normal ip address assignment. Any method to block the unauthorized DCHP server? TIA. Lo Ching Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73489t=73489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Can block DHCP traffic at layer 2 switch? [7:73489]
Not sure what filtering capabilities you have on the switch, but you might be able to set all of the subscriber facing ports to block the forwarding out of DHCP DISCOVERs and REBINDS requests. I forget the details, but you can determine the directionality of the DHCP requests (DISCOVERs/REBINDs vs OFFERs/ACKs) based on the UDP port numbers and set in/out filters accordingly. The cable companies encode similar filters in your cable modem to prevent someone with a DHCP server in their home from hearing and responding to DHCP requests from the rest of the neighborhood. Lo Ching wrote: Dear All, We have configured DHCP server at the CORE switch and this will assign the ip address to the client located at edge switch. PC---edge switch-GE uplink---CORE---DHCP server (The network is pure Layer 2 network) But we are afraid that some end users will place their own DHCP server at the edge switch so it will interrupt the normal ip address assignment. Any method to block the unauthorized DCHP server? TIA. Lo Ching Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73503t=73489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Can block DHCP traffic at layer 2 switch? [7:73489]
only thing I would know to do at L2 is port security... just lock it down to pre-identified MACs to prevent users from throwing unauthorized boxes on the network. Charles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 6:23 PM To: [EMAIL PROTECTED] Subject: Can block DHCP traffic at layer 2 switch? [7:73489] Dear All, We have configured DHCP server at the CORE switch and this will assign the ip address to the client located at edge switch. PC---edge switch-GE uplink---CORE---DHCP server (The network is pure Layer 2 network) But we are afraid that some end users will place their own DHCP server at the edge switch so it will interrupt the normal ip address assignment. Any method to block the unauthorized DCHP server? TIA. Lo Ching **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73491t=73489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ????DHCP Problem???? [7:71667]
It also depends on how your ISP is assigning IP addresses My Cable provider only assigned IP's to registered MAC addresses. In this case you can either register you E1 mac address with them, or you can spoof a registered mac address. Below is a snipet of one of my routers spoofing a MAC address, and configured to received its IP address via DHCP. interface Ethernet0 mac-address 0030.ab14.537a ip address dhcp client-id Ethernet0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71776t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ????DHCP Problem???? [7:71667]
UPDATE!!! I was able to get an IP on my 806 off my linksys, thru DHCP after I removed the ip verify unicast reverse-path command , but still unable to get one from my ISP thru my cable modem, even though I can get one on my linksys and direct to my PC off the same modem, kinda weird, maybe Cisco uses a different port # for DHCP requests and my ISP may not recognize it or be blocking it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71674t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ????DHCP Problem???? [7:71667]
Try interface ethernet 1 ip address negotiated I've seen some configuration like this before and believe it is when the other side is running a DHCP server. Kind regards, Janó Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71732t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
????DHCP Problem???? [7:71667]
Hi, I have started a home lab and have a Cisco 806 router with IOS 12.2 IP F/W Plus installed on it. I am trying to set up the 806 to be my gateway between my home network and my cable modem. I have set up nat and have that working properly, and I have tried RIP v2 running between the 806 and Linksys, which works ok, my problem is that I can't pull a DHCP IP address from my ISP from my e1 int to save my life, I can get an ip on my linksys off the cable modem and direct into my PC just fine but when I try it on my 806 no matter what I try it just wont take an IP off my cable modem, I know it has to be something in my config, because my modem works fine everywhere else, if you guys could take a look at my config and help me out I would appreciate it - THANKS!!! 806#sh ru Building configuration... Current configuration : 1726 bytes ! version 12.2 no parser cache no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname 806 ! logging console informational ! clock timezone PST -8 clock summer-time PDT recurring ip subnet-zero no ip source-route no ip domain lookup ip name-server x.x.x.x ip name-server x.x.x.x ip dhcp excluded-address 10.10.10.1 ip dhcp excluded-address 10.10.10.2 ip dhcp ping packets 1 ip dhcp ping timeout 100 ! ip dhcp pool CLIENT import all network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 ! ip dhcp pool client ! no ip bootp server ip cef ! ! ! interface Ethernet0 ip address 10.10.10.3 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip accounting access-violations ip nat inside no cdp enable hold-queue 32 in hold-queue 100 out ! interface Ethernet1 description Internet ip address dhcp ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip accounting access-violations ip nat outside no cdp enable ! ip nat log translations syslog ip nat inside source list 1 interface Ethernet0 overload no ip classless ip route 0.0.0.0 0.0.0.0 192.168.1.1 no ip http server ! ! access-list 1 permit any access-list 102 permit ip 10.10.10.0 0.0.0.255 any dialer-list 1 protocol ip permit dialer-list 1 protocol ipx permit no cdp run ! line con 0 exec-timeout 120 0 logging synchronous stopbits 1 line vty 0 4 exec-timeout 0 0 exec prompt timestamp length 0 ! scheduler max-task-time 5000 scheduler interval 500 end Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71667t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ????DHCP Problem???? [7:71667]
UPDATE!!! I was able to get an IP on my 806 off my linksys, thru DHCP after I removed the ip verify unicast reverse-path command , but still unable to get one from my ISP thru my cable modem, even though I can get one on my linksys and direct to my PC off the same modem, kinda weird, maybe Cisco uses a different port # for DHCP requests and my ISP may not recognize it or be blocking it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71673t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp packets not visible in 6509 [7:70898]
Vik, There could be any number of reasons that DHCP isn't working. The client may not be requesting DHCP, the switch may not have portfast enabled, a router not having an IP helper address, DHCP server offline, DHCP server without a scope for the VLAN, and so on. Perform a packet trace from the DHCP client and if necessary on the DHCP server (using SPAN). You will be able to determine the problem by identifying which packets are present in the capture and which are not. For example, you may find that the client sends a DHCP discovery packet but does not receive an offer packet from the DHCP server. If you see the same behavior on the server port (discovery, no offer) then it's possible that: - The DHCP server isn't operational or the service/daemon isn't running - The DHCP server doesn't have a scope defined for that VLAN - The DHCP server has run out of IP addresses for that VLAN On the other hand, if you the capture shows a discovery packet is sent by the client but the packet is never seen by the DHCP server it's much more likely that you have a missing (or incorrect) IP helper address. Once you perform the packet capture(s) you will probably need no further help. If you do, the information obtained from the capture would be enough for the group to point you in the right direction. - Tom Vik Vikky wrote: Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70926t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
dhcp packets not visible in 6509 [7:70898]
Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70898t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RES: dhcp packets not visible in 6509 [7:70898]
Did you enable spannint-tree portfast ? I'd use set port host instead , which includes STP portfast, aomong other things . . . _ Henrique Issamu Terada, CCIE # 7460 IT Support - Open Network CPM S.A. - Tecnologia criando valor Tel.: 55 11 4196-0710 Fax: 55 11 4196-0900 [EMAIL PROTECTED] www.cpm.com.br -- --- Esta mensagem pode conter informagco confidencial e/ou privilegiada. Se vocj nco for o destinatario ou a pessoa autorizada a receber esta mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas ou tomar qualquer agco baseada nessas informagues. Se vocj recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Mensagem original- De: Vik Vikky [SMTP:[EMAIL PROTECTED] Enviada em: quarta-feira, 18 de junho de 2003 22:14 Para: [EMAIL PROTECTED] Assunto: dhcp packets not visible in 6509 [7:70898] Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70902t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp packets not visible in 6509 [7:70898]
you need to enable portfast. Read about portfast. Set spantree portfast enable ( I think this is the syntax I don't have a 6509 in front of me now.) Vik Vikky wrote in message news:[EMAIL PROTECTED] Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70903t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Can't get a PIX 506 to get DHCP from Comcast Cable. [7:64209]
I updated a PIX 506 with 6.2.2 and the lastest PDM. I did the setup through the PDM, setup PAT for the outside to inside interface, and told it to use DHCP to acquire on the outside interface. Comcast assigns IP addresses in the Philadelphia area according to the MAC address, so if you change the network card or device attached to the cable modem you'll get a different IP. I turned the modem off, attached the Pix, turned on the modem, and then fired up the PiX. The standard settings in the PDM should work, but it isn't. Has anyone had any luck getting the Pix to get dhcp from Comcast? Howard Bloom 610-745-0115 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64209t=64209 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can't get a PIX 506 to get DHCP from Comcast Cable. [7:64211]
Works fine for me... ip address outside dhcp setroute global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 Mike --- H Howard Lewis Bloom wrote: I updated a PIX 506 with 6.2.2 and the lastest PDM. I did the setup through the PDM, setup PAT for the outside to inside interface, and told it to use DHCP to acquire on the outside interface. Comcast assigns IP addresses in the Philadelphia area according to the MAC address, so if you change the network card or device attached to the cable modem you'll get a different IP. I turned the modem off, attached the Pix, turned on the modem, and then fired up the PiX. The standard settings in the PDM should work, but it isn't. Has anyone had any luck getting the Pix to get dhcp from Comcast? Howard Bloom 610-745-0115 [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64211t=64211 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can't get a PIX 506 to get DHCP from Comcast C [7:64211]
Do you have any kind of access lists that are blocking private addresses from the outside? I had an issue with Time Warner sourcing their DHCP from a 10dot address and I had an ACL on my 2600 blocking all private addresses. What are you getting on your syslog? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64215t=64211 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can't get a PIX 506 to get DHCP from Comcast Cable. [7:64222]
if it doesn't work, try to do this mannually in configuration mode: ip address outside dhcp setroute retry 5 You may have to do it several times for it to work. I live in MD and my cable modem provider is comcast and it works. H Howard Lewis Bloom wrote:I updated a PIX 506 with 6.2.2 and the lastest PDM. I did the setup through the PDM, setup PAT for the outside to inside interface, and told it to use DHCP to acquire on the outside interface. Comcast assigns IP addresses in the Philadelphia area according to the MAC address, so if you change the network card or device attached to the cable modem you'll get a different IP. I turned the modem off, attached the Pix, turned on the modem, and then fired up the PiX. The standard settings in the PDM should work, but it isn't. Has anyone had any luck getting the Pix to get dhcp from Comcast? Howard Bloom 610-745-0115 Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, and more Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64222t=64222 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP Relay [7:63625]
Hi all, A simple DHCP question for you. How do I configure the router (Cisco 1720) at our remote site to forward DHCP requests back to our Windows 2000 DHCP server at the head office? IOS Version is 12.0(3)T both routers are identical Cheers Stu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63625t=63625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay [7:63625]
Stuart Pittwood wrote: How do I configure the router (Cisco 1720) at our remote site to forward DHCP requests back to our Windows 2000 DHCP server at the head office? Look at 'ip helper-address'. Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63626t=63625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DNS and DHCP question [7:63663]
Hi all, A quick question. 803 router, 12.0(4) IOS. Is it possible to acquire DNS server addresses dynamically from an ISP and then distribute them via DHCP to a NATted LAN? I can't seem to work out how to do this. John McGinn Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63663t=63663 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62947]
The problem was sorted with portfasta big thankyou to all that helped and all that criticised Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62947t=62947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
Tunde, If configuring static IP addresses served as a temporary workaround, your problem is DHCP. Enabling Spanning Tree portfast on the ports to which stations directly attach will fix your problem: set spantree portfast enable - Tom On Fri, 07 Feb 2003 12:16:47 +, Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62702t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
Tunde, If configuring static IP addresses served as a temporary workaround, your problem is DHCP. Enabling Spanning Tree portfast on the ports to which stations directly attach will fix your problem: set spantree portfast enable - Tom On Fri, 07 Feb 2003 12:16:47 +, Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62695t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
the problem is dhcp...the client doesnt get an ip address hence the no domain controllererror message. i have enabled portfast on a few of the ports and i am waiting to get results on mondayi will keep u posted. regards, Tunde - Original Message - From: Priscilla Oppenheimer To: Sent: Friday, February 07, 2003 11:22 PM Subject: RE: Catalyst 4000 and DHCP [7:62632] Waters, Kristina wrote: I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Sure it could. He says all that he did was put a switch in, but there's a good chance he did more than that, but we may never know... Sigh. But a new switch might imply that he also put in VLANs, a L3 module, etc. When people send in questions, it would be nice if they would send in enough info so we could do more than guess. It would be nice if they would provide a follow-up also and let us know what the problem really was and what fixed it. Some people can't stand the out of the office messages. I can't stand the messages that ressemble someone calling their doctor on the phone and saying no more than, Hey doc, I'm tired. Why? Now, if you go to the doctor in person, this might be OK because then the doctor can examine you. Here the analogy falls apart. We can't examine someone else's network. However, the wise poster will communicate info to us about their examination of their network to help us help them. (This isn't targetted at the original poster specifically, who did supply at least some info.) Troubleshooting should be done systematically. It's not a guessing game. Hope we learn more about what the issue was! It could be educational for many of us. Priscilla Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error
Re: Catalyst 4000 and DHCP [7:62632]
tunde kalejaiye wrote: the problem is dhcp...the client doesnt get an ip address hence the no domain controllererror message. i have enabled portfast on a few of the ports and i am waiting to get results on mondayi will keep u posted. regards, Thanks for getting back to us. This is how Group Study should work! I guess I shouldn't have gone off on a tangent with some guesses about something other than this obvious thing being wrong. :-) Sometimes when we have information about only one symptom, the obvious hypothesis is right. Often that's not the case, though, and more info should be gathered. Probably the client ends up with an address from the Microsoft Automatic Private IP Addressing scheme, 169.254.0.1 through 169.254.255.254. Depending on the OS, a lot of machines choose for themselves one of these addresses if set to receive an address dynamically and DHCP fails. That would have been the additional clue that would have helped solidify a good hypotheses. Thanks to everyone who participated. Do keep us posted! Thanks! Priscilla Tunde - Original Message - From: Priscilla Oppenheimer To: Sent: Friday, February 07, 2003 11:22 PM Subject: RE: Catalyst 4000 and DHCP [7:62632] Waters, Kristina wrote: I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Sure it could. He says all that he did was put a switch in, but there's a good chance he did more than that, but we may never know... Sigh. But a new switch might imply that he also put in VLANs, a L3 module, etc. When people send in questions, it would be nice if they would send in enough info so we could do more than guess. It would be nice if they would provide a follow-up also and let us know what the problem really was and what fixed it. Some people can't stand the out of the office messages. I can't stand the messages that ressemble someone calling their doctor on the phone and saying no more than, Hey doc, I'm tired. Why? Now, if you go to the doctor in person, this might be OK because then the doctor can examine you. Here the analogy falls apart. We can't examine someone else's network. However, the wise poster will communicate info to us about their examination of their network to help us help them. (This isn't targetted at the original poster specifically, who did supply at least some info.) Troubleshooting should be done systematically. It's not a guessing game. Hope we learn more about what the issue was! It could be educational for many of us. Priscilla Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message
Re: Catalyst 4000 and DHCP [7:62632]
Larry Letterman wrote: Hi Priscilla, I am reading your book that you sent me..why? :) need more info ? Yes, do tell! :-) Thanks. Priscilla Larry Letterman Network Engineer Cisco Systems - Original Message - From: Priscilla Oppenheimer To: Sent: Friday, February 07, 2003 3:22 PM Subject: RE: Catalyst 4000 and DHCP [7:62632] Waters, Kristina wrote: I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Sure it could. He says all that he did was put a switch in, but there's a good chance he did more than that, but we may never know... Sigh. But a new switch might imply that he also put in VLANs, a L3 module, etc. When people send in questions, it would be nice if they would send in enough info so we could do more than guess. It would be nice if they would provide a follow-up also and let us know what the problem really was and what fixed it. Some people can't stand the out of the office messages. I can't stand the messages that ressemble someone calling their doctor on the phone and saying no more than, Hey doc, I'm tired. Why? Now, if you go to the doctor in person, this might be OK because then the doctor can examine you. Here the analogy falls apart. We can't examine someone else's network. However, the wise poster will communicate info to us about their examination of their network to help us help them. (This isn't targetted at the original poster specifically, who did supply at least some info.) Troubleshooting should be done systematically. It's not a guessing game. Hope we learn more about what the issue was! It could be educational for many of us. Priscilla Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde ** This email and any files transmitted
Re: Catalyst 4000 and DHCP [7:62632]
Hi Priscilla, I am reading your book that you sent me..why? :) need more info ? Larry Letterman Network Engineer Cisco Systems - Original Message - From: Priscilla Oppenheimer To: Sent: Friday, February 07, 2003 3:22 PM Subject: RE: Catalyst 4000 and DHCP [7:62632] Waters, Kristina wrote: I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Sure it could. He says all that he did was put a switch in, but there's a good chance he did more than that, but we may never know... Sigh. But a new switch might imply that he also put in VLANs, a L3 module, etc. When people send in questions, it would be nice if they would send in enough info so we could do more than guess. It would be nice if they would provide a follow-up also and let us know what the problem really was and what fixed it. Some people can't stand the out of the office messages. I can't stand the messages that ressemble someone calling their doctor on the phone and saying no more than, Hey doc, I'm tired. Why? Now, if you go to the doctor in person, this might be OK because then the doctor can examine you. Here the analogy falls apart. We can't examine someone else's network. However, the wise poster will communicate info to us about their examination of their network to help us help them. (This isn't targetted at the original poster specifically, who did supply at least some info.) Troubleshooting should be done systematically. It's not a guessing game. Hope we learn more about what the issue was! It could be educational for many of us. Priscilla Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by email, delete and destroy this message and its attachments
Catalyst 4000 and DHCP [7:62632]
hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62632t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
Make sure you turn on portfast for workstation ports. set spantree portfast enable This will cause the port to start forwarding in 5 seconds as apposed to 50. Ronnie Tunde Kalejaiye wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62633t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 4000 and DHCP [7:62632]
Do yo have portfast enabled on all end user ports? Kris -Original Message- From: Tunde Kalejaiye [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 7:17 AM To: [EMAIL PROTECTED] Subject: Catalyst 4000 and DHCP [7:62632] hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by email, delete and destroy this message and its attachments. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62634t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62652]
is port fast on ? are ip helpers turned on the gateways? are you using wins servers or AD ? Larry Letterman Network Engineer Cisco Systems - Original Message - From: Tunde Kalejaiye To: Larry Letterman ; Sent: Friday, February 07, 2003 4:14 AM Subject: Catalyst 4000 and DHCP hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62652t=62652 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 4000 and DHCP [7:62632]
Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62653t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 4000 and DHCP [7:62632]
I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by email, delete and destroy this message and its attachments. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62662t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
I suppose its possible to have a L3 issue, but if the L3 card is setup for the Vlan interfaces and routing properly, and the appropriate helpers are in place on the L3 interface, the 4006 should work. Usually this issue is a result of the STP 50 second forward time on the L2 port. Larry Letterman Network Engineer Cisco Systems - Original Message - From: Waters, Kristina To: Sent: Friday, February 07, 2003 11:58 AM Subject: RE: Catalyst 4000 and DHCP [7:62632] I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by email, delete and destroy this message and its attachments. ** [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62668t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
Tunde, It sounds like your users are getting blocked by spanning tree on bootup. Since the switch is spending ~50 seconds running spanning-tree before it forwards any data, the DHCP requests aren't even getting through. PortFast bypasses the usual spanning tree thing. It allows the port to forward data almost as soon as its initialized. It a good idea to only use portfast on a port to has an end node like a PC, server, or printer. If your switch uses CatOS 7.1 or Native IOS 12.1(11)EX then it implements Rapid spanning tree (802.1w) which shortens the time spent learning the network before forwarding. You still need to use the portfast keyword to configure the port as an edge port though. Here's a link about it: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml Hope this helps. Karen *** REPLY SEPARATOR *** On 2/7/2003 at 12:16 PM Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62677t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 4000 and DHCP [7:62632]
Waters, Kristina wrote: I am curious as to whether anything else got upgraded besides the new switch. I got the impression that this wasn't a problem before the upgrade, in which case portfast could definitely be the culprit. However, you could also see this error if DNS is improperly configured in a win2k domain. Also, I'm not sure about this, but if the 4006 has a sup3 or sup4, could the problem be related to layer 3? Sure it could. He says all that he did was put a switch in, but there's a good chance he did more than that, but we may never know... Sigh. But a new switch might imply that he also put in VLANs, a L3 module, etc. When people send in questions, it would be nice if they would send in enough info so we could do more than guess. It would be nice if they would provide a follow-up also and let us know what the problem really was and what fixed it. Some people can't stand the out of the office messages. I can't stand the messages that ressemble someone calling their doctor on the phone and saying no more than, Hey doc, I'm tired. Why? Now, if you go to the doctor in person, this might be OK because then the doctor can examine you. Here the analogy falls apart. We can't examine someone else's network. However, the wise poster will communicate info to us about their examination of their network to help us help them. (This isn't targetted at the original poster specifically, who did supply at least some info.) Troubleshooting should be done systematically. It's not a guessing game. Hope we learn more about what the issue was! It could be educational for many of us. Priscilla Kris -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, February 07, 2003 1:24 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 4000 and DHCP [7:62632] Tunde Kalejaiye wrote: hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Your message title implies that there's a problem with DHCP, but then your message text implies that the problem is with Windows networking, specifically a client trying to reach the domain controller? (I assume you mean the Windows type domain server and not the IP Domain Name System.) So, verify for yourself and us that DHCP is working first. If the failure is with DHCP, try the stuff other folks recommended. Enable portfast so that the clients can start receiving replies to their DHCP request ASAP. Also, you may need a helper address, depending on where your DHCP server is located. Feel free to send us more info about your topology and configuration. Then, you have to get Winblows working. I did have all sorts of problems getting this to work with a consulting client who had upgraded to VLANs. Unfortunately, he fixed the problems in the end without my help, so I don't know the details, one of the frustrating things about being a consulant. (A lot of help that is. ;-) But you could look through some Group Study messages from about a month ago. A bunch of folks had ideas to help. I think the title of the thread was something about Windows Networking. Here's one message that a wise person on the list sent' I've forgotten who, sorry. Simplest solution is to put a WINS Server on the Subnet that can't find the DC. Configure it to replicate with the DC on the other Subnet, or Statically configure the Domain Name entry for the NT Domain on the WINS Server in the troubled subnet. Your DC Not Found issue should be resolved then. More Administratively intensive solution is to modify the LMHOSTS file to have the following entry on every Windows Workstation/Server in the troubled subnet. IP.ADD.RE.SS MachineName #PRE #DOM:Domain-Name Microsoft has tons of documentation on this sort of thing. Keep us posted! Thanks, Priscilla Tunde ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by email, delete and destroy this message and its attachments. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62678t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
Cog - DHCP relay is not yet supported on the 3002 Cisco VPN product line. Had a customer that wanted to do that instead we had to utilize the the internal pool to provide addresses. Regards, Randy On Tue, 21 Jan 2003 20:09:47 GMT cog writes: I have a 3002 at a remote site in Network Extension Mode. I need to have clients get IP addresses from a centralized DHCP server at Corporate via a broadcast from the client thru the tunnel to the server. Does the 3002 allow me to add a helper? s vermill wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... cog wrote: Anyone have a way to get DHCP relay working on Cisco 3002? What's the problem? And what IOS? [EMAIL PROTECTED] Sign Up for Juno Platinum Internet Access Today Only $9.95 per month! Visit www.juno.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61645t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP Relay on cisco 3002 [7:61486]
Anyone have a way to get DHCP relay working on Cisco 3002? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61486t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Relay on cisco 3002 [7:61486]
cog wrote: Anyone have a way to get DHCP relay working on Cisco 3002? What's the problem? And what IOS? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61490t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
I have a 3002 at a remote site in Network Extension Mode. I need to have clients get IP addresses from a centralized DHCP server at Corporate via a broadcast from the client thru the tunnel to the server. Does the 3002 allow me to add a helper? s vermill wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... cog wrote: Anyone have a way to get DHCP relay working on Cisco 3002? What's the problem? And what IOS? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61493t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
I have this in the config file, Anyone know what to set these as? The DHCP server? The Private IP of the 3002? Cisco, are you there? [dhcp_server] enable=1 LeaseTimeout=120 Relay=2 RelayAddr=0.0.0.0 RelayMask=0.0.0.0 IntMSHack=1 cog wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone have a way to get DHCP relay working on Cisco 3002? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61491t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
cog wrote: I have a 3002 at a remote site in Network Extension Mode. I need to have clients get IP addresses from a centralized DHCP server at Corporate via a broadcast from the client thru the tunnel to the server. Does the 3002 allow me to add a helper? I should have looked at your model number more closely before chiming in. Don't know much about Ciscos VPN line. But a quick search on CCO did bring up something about DHCP Intercept. Unfortunately, nothing about how to set it up. Do you have the product literature? Check for DHCP Intercept in the index if you do. Sorry for not being much help. I was just looking at the 3700 series for a new project and had that on the brain when I read 3002. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61536t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX DHCP problem [7:60893]
To all, Use the show route command to see if you received the default route. One configuration mistake that you might have made with the ip address command is omitting the optional setroute parameter at the end. This parameter accepts and uses the default route received from the ISP. The command should look like this: ip address outside dhcp setroute Also, remember that if you are pinging THROUGH the PIX from the inside interface, you must have an ACL on the outside interface allowing the returning ICMP traffic: ICMP traffic is NOT stateful in the PIX. You can also use the following debug command to help troubleshoot (assuming you have 6.2): [no] debug dhcpc detail|error|packet Hope this helps! Cheers! -- Richard A. Deal Visit my home page at http://home.cfl.rr.com/dealgroup/ Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco exams on the market. supernet wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a PIX 506 and would like to use it for my home office. My ISP assigns dynamic IP to me. I can see my PIX 506 got the IP address but I can't ping anywhere. I don't know if it gets default gateway. How do I verify? Thanks. Yoshi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60917t=60893 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX DHCP problem [7:60893]
I have a PIX 506 and would like to use it for my home office. My ISP assigns dynamic IP to me. I can see my PIX 506 got the IP address but I can't ping anywhere. I don't know if it gets default gateway. How do I verify? Thanks. Yoshi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60893t=60893 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RE: campus LAN Design w/DHCP Server [7:59724]
Thanks Scott! It does bode well, despite the weird Dest Unreachable (Port Unreachable) from the server. Thanks again. Priscilla s vermill wrote: Priscilla, Well, itÂ’s been an interesting project. Unfortunately, the DHCP server app that I wound up trying (Vicomsoft) was so buggy that I couldnÂ’t keep it from crashing. Even when it was running, it was highly, highly unstable. Granted, it was a demo, but I would think a demo would have basic functionality. Furthermore, I couldnÂ’t get into the console port of the 2900XL. Tried everything. The darned port is fried. SoÂ…here is what I came up with: 2621 | | | Foundry Networks switch | | | | | | DHCP Serv DHCP Client The 2621, with 64M of memory and 8M of flash, is running 12.1-18 IP Plus. I donÂ’t know much about the Foundry switch. It was straight out of the box just yesterday. I configured it with a dot1q trunk to the router, an access port in vlan 100 (192.168.1.0/24), and an access port in vlan 200 (192.168.2.0/24). The server (192.168.1.100) was attached to VLAN 100 and the client (192.168.2.?) to vlan 200. The router subinterfaces were the .1 address. Subinterface F0/0.2 had an IP helper address of 192.168.1.100. On a couple of occasions I moved the client to vlan 100. The server did actually work two or three times with a local client. It never once worked with a non-local client. The good news is that the DHCP Discovery crossed the vlans via the 2621 and looked to be in pretty good shape: Frame 44 (343 bytes on wire, 343 bytes captured) Arrival Time: Dec 21, 2002 18:01:21.694951000 Time delta from previous packet: 0.721309000 seconds Time relative to first packet: 40.720429000 seconds Frame Number: 44 Packet Length: 343 bytes Capture Length: 343 bytes Ethernet II, Src: 00:02:fd:1d:c0:20, Dst: 00:08:74:03:77:b5 Destination: 00:08:74:03:77:b5 (Dell_Com_03:77:b5) Source: 00:02:fd:1d:c0:20 (Cisco_1d:c0:20) Type: IP (0x0800) Internet Protocol, Src Addr: 192.168.2.1 (192.168.2.1), Dst Addr: 192.168.1.100 (192.168.1.100) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 329 Identification: 0x0061 Flags: 0x00 .0.. = Don't fragment: Not set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 255 Protocol: UDP (0x11) Header checksum: 0x358d (correct) Source: 192.168.2.1 (192.168.2.1) Destination: 192.168.1.100 (192.168.1.100) User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67) Source port: bootps (67) Destination port: bootps (67) Length: 309 Checksum: 0xde84 (correct) Bootstrap Protocol Message type: Boot Request (1) Hardware type: Ethernet Hardware address length: 6 Hops: 1 Transaction ID: 0xcb4d080c Seconds elapsed: 17250 Bootp flags: 0x8000 (Broadcast) 1... = Broadcast flag: Broadcast .000 = Reserved flags: 0x Client IP address: 0.0.0.0 (0.0.0.0) Your (client) IP address: 0.0.0.0 (0.0.0.0) Next server IP address: 0.0.0.0 (0.0.0.0) Relay agent IP address: 192.168.2.1 (192.168.2.1) Client hardware address: 00:06:5b:e4:d3:97 Server host name not given Boot file name not given Magic cookie: (OK) Option 53: DHCP Message Type = DHCP Discover Unknown Option Code: 251 (1 bytes) Option 61: Client identifier Hardware type: Ethernet Client hardware address: 00:06:5b:e4:d3:97 Option 50: Requested IP Address = 192.168.1.2 Option 12: Host Name = laprmccarverGFE Option 60: Vendor class identifier = MSFT 5.0 Option 55: Parameter Request List 1 = Subnet Mask 15 = Domain Name 3 = Router Notice the relay agent address of 192.168.2.1. That bodes well. However, for some reason, this was the response: Frame 45 (70 bytes on wire, 70 bytes captured) Arrival Time: Dec 21, 2002 18:01:21.69501 Time delta from previous packet: 0.59000 seconds Time relative to first packet: 40.720488000 seconds Frame Number: 45 Packet Length: 70 bytes Capture Length: 70 bytes Ethernet II, Src: 00:08:74:03:77:b5, Dst: 00:02:fd:1d:c0:20 Destination: 00:02:fd:1d:c0:20 (Cisco_1d:c0:20) Source: 00:08:74:03:77:b5 (Dell_Com_03:77:b5) Type: IP (0x0800) Internet Protocol, Src Addr: 192.168.1.100 (192.168.1.100), Dst Addr: 192.168.2.1
RE: campus LAN design w/DHCP server [7:59578]
Priscilla, I haven’t forsaken you (yet). But here’s the deal: My 2610 only has 24M of memory. I ignored the recommendation for at least 40M to run 12.1 IP Plus only to meet with disastrous results. I need IP Plus on this old clunker to enable dot1q (and I’m pretty sure at least 12.1 also). So...I found what appears to be a 2620 in one of our labs. There’s a 2900XL nearby. I suspect I can fire the two up and get ‘em going. However, the only module in the 2900 uplink slot is GigE. So does anyone know if I can configure one of the 24 access ports to trunk? I have minimal experience with the 2900XL and that was over a year ago. The real problem is that I don’t have any servers in that lab at the moment. Does anyone know of a simple stand-alone DHCP application that will run on a Windows machine? If not, the best I can do at the moment using a 2600 would be to put a sniffer on 192.168.1.0 and a client on 192.168.2.0. The captured DHCP client requests should show whether or not the pertinent subinterface address is being plugged into giaddr. Regards, Scott s vermill wrote: Priscilla, I'm sure someone can verify this with a 2600 specifically. As far as DHCP in general, yes. We just did this with a much larger 6509-based network. No problems. The only difference, of course, is that the MSFC has virtual router interfaces per VLAN - not subinterfaces on a router on a stick. Can't see why DHCP itself would know or care. But I guess you can't know for sure what that subinterface on the 2600 will do until someone specifically verifies it. If you don't get such a response, I've got a 2600 laying around at the moment. I'll dig up a switch, set up a DHCP server, and mock 'er up for ya. Won't take long at all. Regards, Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59684t=59578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: campus LAN design w/DHCP server [7:59646]
Priscilla Oppenheimer wrote: It's a fast Ethernet trunk, actually. I forgot to mention that. He does have some internal servers. Do you think in and out of a Fast Ethernet trunk will be less of a problem? The 2600 might be. He had a broadcast meltdown last week. Perhaps that's why he's concerned. He was using ghosting software. Symantec Ghost will kill a 2600, 4500, and RSP1 by itself if it is multicasting (which it should be, not broadcasting) and you are doing multicast routing (pim-sparse or pim-dense) and sometimes even when you disable MR. I know this from the school of hard knocks - you will have CPU starvation with a 100Mbps-capable LAN (maybe not at 10Mb, but then you would saturate the net). A 7200/NPE-300 can handle it nicely. DHCP isn't much of a problem, but when you enable the ip helper-address be sure to selectively disable (no ip forward-protocol) everything else you don't need (DNS, TFTP, NetBIOS, etc). Jeff Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59678t=59646 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: campus LAN design w/DHCP server [7:59664]
Hey Priscilla, I feel about 10 times better knowing it's a fast ethernet :) If there's anyway to localize the traffic, such as putting department X's clients and servers on vlan 100, and department Y's clients/servers on the other, it'd be optimal. But even if you can't it should run pretty well. Worse comes to worse, they could always buy a 3550 and have that route between VLANs at like light speed. Which ghosting software is the client using? I thought that Ghost itself used multicast and was IGMP aware. Chuck Church CCIE #8776, MCNE, MCSE It's a fast Ethernet trunk, actually. I forgot to mention that. He does have some internal servers. Do you think in and out of a Fast Ethernet trunk will be less of a problem? You know my first reaction was also just move the subnet mask over. But he didn't seem to want to do that. He had a broadcast meltdown last week. Perhaps that's why he's concerned. He was using ghosting software. Thanks for the input! Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59664t=59664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: campus LAN design w/DHCP server [7:59578]
There are no dumb questions. Lots of dumb answers, though ;-) We do this all the time when setting up Voice Vlans for AVVID. The configuration below details the operation of DHCP and the configuration required. You should be fine with the example you gave. http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a 0080114aee.shtml Frank Jimenez, CCIE #5738 Systems Engineer Dallas Commercial Cisco Systems, Inc. [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 19, 2002 7:18 PM To: [EMAIL PROTECTED] Subject: campus LAN design w/DHCP server [7:59578] Sorry if this is a dumb question! ;-) I want to make sure this design will work before implementing it. The customer has been using 192.168.168.0/24 in one small flat LAN. He has run out of these addresses and is being hit by performance issues related to broadcasts. He wants to implement subnets and VLANs: VLAN 100 192.168.168.0/24 VLAN 200 192.168.169.0/24 New design: Internet | s0 2600 router e1 --- public servers e0 | dot1q trunk switch VLAN 200 VLAN 100 There is just one DHCP server. It will be in VLAN 100, address 192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets. We're going to do inter-VLAN routing on the 2600 router. Will this config work as far as DHCP is concerned? interface ethernet 0 no ip address interface ethernet 0.1 encapsulation dot1q 100 ip address 192.168.168.1 255.255.255.0 interface ethernet 0.2 encapsulation dot1q 200 ip address 192.168.169.1 255.255.255.0 ip helper-address 192.168.168.10 Devices in VLAN 100 will broadcast and get to the DHCP server directly. The DHCP server is in their VLAN/subnet. Devices in VLAN 200 will broadcast. The router will hopefully pick up the broadcast, convert it to a unicast to the DHCP server and send it back out e0, with the GIADDR address filled in so the server will use the right scope. Sounds like it should work, but for some unknown reason, I couldn't find an example that showed this. Thanks so much for your help. You could save my Christmas by helping me verify (or poke holes) in this design! I just wanted to check on the DHCP aspect at this point. I can fix up the NAT and routing. My brain stopped working after the last egg nog, so help is needed! :-) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59616t=59578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: campus LAN design w/DHCP server [7:59646]
If everyone just goes to the internet, it'll work. But if you've got one or more servers internally, I'd be real afraid of trunking on a 10 mb interface. You'll reduce your broadcasts, but I think performance will suffer horribly crossing the router. Since you've run out of addresses on a /24, I assume you've got a couple hundred devices. Personally I'd just move the mask back one or 2 bits, making it a /22 or /23, and using the additional 1.0 or 1,2, and 3.0 subnets. There's things you can do to almost all OSs to reduce broadcasts. How many broadcasts are you seeing per second? If it's no more than 20 on average, I wouldn't even worry about it. Chuck Church CCIE #8776, MCNE, MCSE The customer has been using 192.168.168.0/24 in one small flat LAN. He has run out of these addresses and is being hit by performance issues related to broadcasts. He wants to implement subnets and VLANs: VLAN 100 192.168.168.0/24 VLAN 200 192.168.169.0/24 New design: Internet | s0 2600 router e1 --- public servers e0 | dot1q trunk switch VLAN 200 VLAN 100 There is just one DHCP server. It will be in VLAN 100, address 192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets. We're going to do inter-VLAN routing on the 2600 router. Will this config work as far as DHCP is concerned? interface ethernet 0 no ip address interface ethernet 0.1 encapsulation dot1q 100 ip address 192.168.168.1 255.255.255.0 interface ethernet 0.2 encapsulation dot1q 200 ip address 192.168.169.1 255.255.255.0 ip helper-address 192.168.168.10 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59646t=59646 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: campus LAN design w/DHCP server [7:59646]
It's a fast Ethernet trunk, actually. I forgot to mention that. He does have some internal servers. Do you think in and out of a Fast Ethernet trunk will be less of a problem? You know my first reaction was also just move the subnet mask over. But he didn't seem to want to do that. He had a broadcast meltdown last week. Perhaps that's why he's concerned. He was using ghosting software. Thanks for the input! Priscilla Chuck Church wrote: If everyone just goes to the internet, it'll work. But if you've got one or more servers internally, I'd be real afraid of trunking on a 10 mb interface. You'll reduce your broadcasts, but I think performance will suffer horribly crossing the router. Since you've run out of addresses on a /24, I assume you've got a couple hundred devices. Personally I'd just move the mask back one or 2 bits, making it a /22 or /23, and using the additional 1.0 or 1,2, and 3.0 subnets. There's things you can do to almost all OSs to reduce broadcasts. How many broadcasts are you seeing per second? If it's no more than 20 on average, I wouldn't even worry about it. Chuck Church CCIE #8776, MCNE, MCSE The customer has been using 192.168.168.0/24 in one small flat LAN. He has run out of these addresses and is being hit by performance issues related to broadcasts. He wants to implement subnets and VLANs: VLAN 100 192.168.168.0/24 VLAN 200 192.168.169.0/24 New design: Internet | s0 2600 router e1 --- public servers e0 | dot1q trunk switch VLAN 200 VLAN 100 There is just one DHCP server. It will be in VLAN 100, address 192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets. We're going to do inter-VLAN routing on the 2600 router. Will this config work as far as DHCP is concerned? interface ethernet 0 no ip address interface ethernet 0.1 encapsulation dot1q 100 ip address 192.168.168.1 255.255.255.0 interface ethernet 0.2 encapsulation dot1q 200 ip address 192.168.169.1 255.255.255.0 ip helper-address 192.168.168.10 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59648t=59646 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
campus LAN design w/DHCP server [7:59578]
Sorry if this is a dumb question! ;-) I want to make sure this design will work before implementing it. The customer has been using 192.168.168.0/24 in one small flat LAN. He has run out of these addresses and is being hit by performance issues related to broadcasts. He wants to implement subnets and VLANs: VLAN 100 192.168.168.0/24 VLAN 200 192.168.169.0/24 New design: Internet | s0 2600 router e1 --- public servers e0 | dot1q trunk switch VLAN 200 VLAN 100 There is just one DHCP server. It will be in VLAN 100, address 192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets. We're going to do inter-VLAN routing on the 2600 router. Will this config work as far as DHCP is concerned? interface ethernet 0 no ip address interface ethernet 0.1 encapsulation dot1q 100 ip address 192.168.168.1 255.255.255.0 interface ethernet 0.2 encapsulation dot1q 200 ip address 192.168.169.1 255.255.255.0 ip helper-address 192.168.168.10 Devices in VLAN 100 will broadcast and get to the DHCP server directly. The DHCP server is in their VLAN/subnet. Devices in VLAN 200 will broadcast. The router will hopefully pick up the broadcast, convert it to a unicast to the DHCP server and send it back out e0, with the GIADDR address filled in so the server will use the right scope. Sounds like it should work, but for some unknown reason, I couldn't find an example that showed this. Thanks so much for your help. You could save my Christmas by helping me verify (or poke holes) in this design! I just wanted to check on the DHCP aspect at this point. I can fix up the NAT and routing. My brain stopped working after the last egg nog, so help is needed! :-) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59578t=59578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: campus LAN design w/DHCP server [7:59578]
Priscilla, I'm sure someone can verify this with a 2600 specifically. As far as DHCP in general, yes. We just did this with a much larger 6509-based network. No problems. The only difference, of course, is that the MSFC has virtual router interfaces per VLAN - not subinterfaces on a router on a stick. Can't see why DHCP itself would know or care. But I guess you can't know for sure what that subinterface on the 2600 will do until someone specifically verifies it. If you don't get such a response, I've got a 2600 laying around at the moment. I'll dig up a switch, set up a DHCP server, and mock 'er up for ya. Won't take long at all. Regards, Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59580t=59578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: campus LAN design w/DHCP server [7:59578]
No more drinks for you, pris Design seems like it will work...till an intern puts up a nother dhcp server on the same vlan and people get wrong address's :-P Priscilla Oppenheimer wrote: Sorry if this is a dumb question! ;-) I want to make sure this design will work before implementing it. The customer has been using 192.168.168.0/24 in one small flat LAN. He has run out of these addresses and is being hit by performance issues related to broadcasts. He wants to implement subnets and VLANs: VLAN 100 192.168.168.0/24 VLAN 200 192.168.169.0/24 New design: Internet | s0 2600 router e1 --- public servers e0 | dot1q trunk switch VLAN 200 VLAN 100 There is just one DHCP server. It will be in VLAN 100, address 192.168.168.10. The DHCP server will have 2 scopes for the 2 subnets. We're going to do inter-VLAN routing on the 2600 router. Will this config work as far as DHCP is concerned? interface ethernet 0 no ip address interface ethernet 0.1 encapsulation dot1q 100 ip address 192.168.168.1 255.255.255.0 interface ethernet 0.2 encapsulation dot1q 200 ip address 192.168.169.1 255.255.255.0 ip helper-address 192.168.168.10 Devices in VLAN 100 will broadcast and get to the DHCP server directly. The DHCP server is in their VLAN/subnet. Devices in VLAN 200 will broadcast. The router will hopefully pick up the broadcast, convert it to a unicast to the DHCP server and send it back out e0, with the GIADDR address filled in so the server will use the right scope. Sounds like it should work, but for some unknown reason, I couldn't find an example that showed this. Thanks so much for your help. You could save my Christmas by helping me verify (or poke holes) in this design! I just wanted to check on the DHCP aspect at this point. I can fix up the NAT and routing. My brain stopped working after the last egg nog, so help is needed! :-) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59586t=59578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: campus LAN design w/DHCP server [7:59578]
Maybe what I really need for Christmas is a new router. ;-) My routers are too old to do this sort of stuff. It would be terrific if you could mock it up. I'm just not totally conviced the router will behave the way it obviously should. Could be the egg nog though. Thank-you. I am indebted to you! Priscilla s vermill wrote: Priscilla, I'm sure someone can verify this with a 2600 specifically. As far as DHCP in general, yes. We just did this with a much larger 6509-based network. No problems. The only difference, of course, is that the MSFC has virtual router interfaces per VLAN - not subinterfaces on a router on a stick. Can't see why DHCP itself would know or care. But I guess you can't know for sure what that subinterface on the 2600 will do until someone specifically verifies it. If you don't get such a response, I've got a 2600 laying around at the moment. I'll dig up a switch, set up a DHCP server, and mock 'er up for ya. Won't take long at all. Regards, Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59587t=59578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP on PIX 520 [7:59425]
Here's one I hope the PIX specialists on the List can help me solve. I have a PIX 520 v6.2(1). I understand that it can act as a DHCP server, but DHCP service on the PIX is currently supported only on the inside interface and I need to service a subnet on another interface. I have a DHCP server running on a subnet connected to a third PIX interface and I don't want to run another DHCP server on the same subnet as the clients in question. Here's my setup and can this be done? DHCPsvr (if 3) DHCPclients || || ---PIX---CISCO3640 inside if (if 2) Is there no way to pass bootp broadcasts through the PIX? I know about ip helper and ip forward in the router, so I can provide an ip helper address to the clients but they'd still have no default gateway, so no way to get through the PIX? I'd really appreciate a solution that doesn't force me to set up another DHCP server. Thanks, Carter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59425t=59425 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP prefer Client-identifier as Hardware address [7:58244]
Hi, I am testing the DHCP feature. If i configure the manual DHCP pool with the hardware-address, it's not working. I must configure the client-identification. It's not a problem for station (prefix = 01). But client-identification's router is an ID as 0063.6973.636f.2d30.3030.342e.6331.3332.2e33.6538.302d.4661.302f.30 As somebody find a solution for this problem Configuration : no ip dhcp conflict logging ip dhcp excluded-address 138.22.11.129 138.22.11.134 ... ip dhcp pool Router3 host 138.22.11.130 255.255.255.128 hardware-address 0004.c132.3e80 1 (Router's MAC) bootfile c.cfg option 150 ip 138.22.11.132 ! ip dhcp pool Workstation #OK host 138.22.11.133 255.255.255.128 client-identifier 0100.5004.b4ee.0b default-router 138.22.11.131 ! ip dhcp pool Other network 138.22.11.128 255.255.255.128 default-router 138.22.11.131 ! If Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58244t=58244 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco router as DHCP server [7:58049]
Hi all, can a cisco router act as a DHCP server by itself? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58049t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco router as DHCP server [7:58049]
A quick search on Cisco.com's main page for IOS DHCP server reveals: http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_ guide09186a008008743b.html (Hopefully the list didn't eat the link as it often does, and watch the line wrap..) Before asking such a simple question, it's best to attempt to find the answer on your own. It will build your own problem solving skills and you might learn quite a bit more in the process... Just my $0.02 James Willard [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of puro prasad Sent: Monday, November 25, 2002 2:07 PM To: [EMAIL PROTECTED] Subject: cisco router as DHCP server [7:58049] Hi all, can a cisco router act as a DHCP server by itself? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58052t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco router as DHCP server [7:58049]
puro prasad wrote: Hi all, can a cisco router act as a DHCP server by itself? Thanks. Yep: http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a008008743b.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58051t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco router as DHCP server [7:58049]
Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58053t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco router as DHCP server [7:58049]
thanks, both for the link and the advice. It was a bit urgent. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58054t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco router as DHCP server [7:58049]
Yes it can, but must be IOS 12.0(1)T or later DHCP: ip dhcp pool cisco (specifies cisco as the string used for the address pool) network 10.1.1.0 255.255.255.0(range of addresses for pool) default-router 10.1.1.254 (defines a default gateway to be leased out) lease 0 0 15 (0 days, 0 hours, 15 minute lease) dns-server x.x.x.x domain-name cisco.com (GLOBAL) ip dhcp excluded-address 10.1.1.1 (LAN interface addresses, etc) Rob Payne, CCIE #8325 Cisco Systems - AES (NSA) Cellular:479-366-0629 E-mail: [EMAIL PROTECTED] Pager: 1-888-342-7923 OR [EMAIL PROTECTED] Success is a Journey... Not a Destination -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of puro prasad Sent: Monday, November 25, 2002 1:07 PM To: [EMAIL PROTECTED] Subject: cisco router as DHCP server [7:58049] Hi all, can a cisco router act as a DHCP server by itself? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58055t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: cisco router as DHCP server [7:58049]
Puro, Yes. I set a branch office 1720 router to act as a DHCP server last week. Follow the link below to Cisco's website for more information http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guid e09186a008008743b.html Cheers, Jonathan puro prasad wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, can a cisco router act as a DHCP server by itself? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58079t=58049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP (client) problem on Cisco 2514 [7:56573]
Got this weird problem with a 2514 I use as a broadband router. I connect the router to a DSL modem, but it doesn't get an IP address assigned. I got the correct IOS, and have ip address dhcp configured on the outside interface. When I connect a PC directly to the DSL modem, it gets an IP address without any problems... Of course I release the IP again before I disconnect the PC. Also tried to statically assign the IP (obtained by DHCP with a PC) to my router, and everything works just fine... But my provider changes the IP every 24hrs. :-( I have other routers (not 2500s), but didn't have the time yet to try with those. Wonder if any of you got similar problems and knows what is wrong? Here is some debug output, FWIW YahooBB-Router# Oct 30 18:56:13 JST: DHCP: DHCP client process started: Oct 30 18:56:17 JST: DHCP: Shutting down from get_netinfo() Oct 30 18:56:17 JST: DHCP: Attempting to shutdown DHCP Client Oct 30 18:56:18 JST: DHCP: allocate request Oct 30 18:56:18 JST: DHCP: new entry. add to queue Oct 30 18:56:18 JST: DHCP: SDiscover attempt # 1 for entry: Oct 30 18:56:18 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:18 JST: DHCP: SDiscover 298 bytes Oct 30 18:56:21 JST: DHCP: SDiscover attempt # 2 for entry: Oct 30 18:56:21 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:21 JST: DHCP: SDiscover 298 bytes Oct 30 18:56:24 JST: DHCP: SDiscover attempt # 3 for entry: Oct 30 18:56:24 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:24 JST: DHCP: SDiscover 298 bytes [OK] YahooBB-Router# YahooBB-Router#%Unknown DHCP problem.. No allocation possible Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56573t=56573 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP (client) problem on Cisco 2514 [7:56573]
I suppose posting the config would help... YahooBB-Router#sh run Building configuration... Current configuration : 1779 bytes ! ! Last configuration change at 16:42:47 JST Wed Oct 30 2002 ! version 12.2 no service single-slot-reload-enable service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime localtime show-timezone service timestamps log datetime localtime show-timezone service password-encryption service udp-small-servers service tcp-small-servers ! hostname YahooBB-Router ! logging rate-limit console 10 except errors enable secret 5 $1$c9.a$lpUgd8kGiwWmFJ.yTpfAD. ! clock timezone JST 9 ip subnet-zero no ip finger ip name-server x.x.x.x ip dhcp excluded-address 192.168.1.1 192.168.1.15 ! ip dhcp pool PrivateNet network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server x.x.x.x ! ip cef no ip dhcp-client network-discovery ! ! ! ! interface Ethernet0 description toLAN ip address 192.168.1.1 255.255.255.0 ip nat inside no ip mroute-cache load-interval 30 ! interface Ethernet1 description ToYahooBB_Modem ip address dhcp ip nat outside no ip mroute-cache load-interval 30 ! interface Serial0 no ip address no ip mroute-cache shutdown ! interface Serial1 no ip address no ip mroute-cache shutdown ! ip kerberos source-interface any ip nat inside source list 101 interface Ethernet1 overload ip classless ip route 0.0.0.0 0.0.0.0 ethernet 1 no ip http server ! access-list 1 permit x.x.x.x 0.0.0.255 access-list 1 permit x.x.x.x 0.0.0.255 access-list 1 deny any log access-list 101 permit ip 192.168.1.0 0.0.0.255 any ! ! line con 0 exec-timeout 500 0 transport input none line aux 0 transport input all line vty 0 4 access-class 1 in exec-timeout 500 0 password 7 xxx login ! ntp clock-period 17180016 ntp server x.x.x.x ntp server x.x.x.x end YahooBB-Router# Steven wrote in message news:200210310447.EAA24091;groupstudy.com... Got this weird problem with a 2514 I use as a broadband router. I connect the router to a DSL modem, but it doesn't get an IP address assigned. I got the correct IOS, and have ip address dhcp configured on the outside interface. When I connect a PC directly to the DSL modem, it gets an IP address without any problems... Of course I release the IP again before I disconnect the PC. Also tried to statically assign the IP (obtained by DHCP with a PC) to my router, and everything works just fine... But my provider changes the IP every 24hrs. :-( I have other routers (not 2500s), but didn't have the time yet to try with those. Wonder if any of you got similar problems and knows what is wrong? Here is some debug output, FWIW YahooBB-Router# Oct 30 18:56:13 JST: DHCP: DHCP client process started: Oct 30 18:56:17 JST: DHCP: Shutting down from get_netinfo() Oct 30 18:56:17 JST: DHCP: Attempting to shutdown DHCP Client Oct 30 18:56:18 JST: DHCP: allocate request Oct 30 18:56:18 JST: DHCP: new entry. add to queue Oct 30 18:56:18 JST: DHCP: SDiscover attempt # 1 for entry: Oct 30 18:56:18 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:18 JST: DHCP: SDiscover 298 bytes Oct 30 18:56:21 JST: DHCP: SDiscover attempt # 2 for entry: Oct 30 18:56:21 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:21 JST: DHCP: SDiscover 298 bytes Oct 30 18:56:24 JST: DHCP: SDiscover attempt # 3 for entry: Oct 30 18:56:24 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:24 JST: DHCP: SDiscover 298 bytes [OK] YahooBB-Router# YahooBB-Router#%Unknown DHCP problem.. No allocation possible Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56574t=56573 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4006 IP Phone DHCP problem [7:56049]
I think the problem is that the 4006 is an IOS switch. I haven't worked with VoIP on a set based switch yet, so I don't know much about configuring them for this stuff. Thanks Larry -Original Message- From: Jennifer Mellone [mailto:jmellone;speakeasy.net] Sent: Wednesday, October 23, 2002 10:45 PM To: [EMAIL PROTECTED] Subject: RE: 4006 IP Phone DHCP problem [7:56049] Larry, I noticed you have the command switchport trunk encapsulation dot1q. Do you need to configure the interface/port as a trunk when you do the set port auxiliaryvlan command (catos) or the switch voice vlan command (ios switch)? According to Cisco's website, you don't for a catos switch, but you do for an ios switch: Check this out: http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/network/dgcamp us.htm#xtocid364019 NO TRUNKING HERE ON CATOS SWITCH: Voice VLAN Configuration To configure the VVID from the Catalyst software CLI, use the set port auxiliaryvlan command. You can use this command to set the VVID on a single port, on a range of ports, or for an entire module. The following example shows how to display the command syntax: Console (enable) set port auxiliaryvlan help Usage: set port auxiliaryvlan (vlan + 1..1000) In the following example, the VVID is set to 222 for ports 2/1 through 2/3. When the phone powers up, the switch instructs it to register with VLAN 222. Console (enable) set port auxiliaryvlan 2/1-3 222 Auxiliaryvlan 222 configuration successful. The following examples show how to display which ports are in which auxiliary VLAN: Console show port auxiliaryvlan 222 AuxiliaryVlan auxVlanStatus Mod/Ports - - - 222 222 1/2,2/1-3 Console show port 2/1 Port AuxiliaryVlan AuxVlan-Status - - -- 2.1 222 active - TRUNKING HERE ON IOS SWITCH: The following is an example of VVID configuration on Catalyst switches running Cisco IOS at the interface level (for example, Catalyst 3524-PWR and 2900XL): interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport trunk native vlan switchport mode trunk switchport voice vlan spanning-tree portfast switchport mode trust - Jennifer PS - are you going to trust the CoS going from phone to switch? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56225t=56049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4006 IP Phone DHCP problem [7:56049]
Sorry for the late reply. Our e-mail was backup up and I am not going through over 300 emails from the Groupstudy lists. We have the Cisco eq. working fine and I am currently trying to get the Avaya stuff to work. Unfortunately I don't have access to the eq directly, so I have to work with the on site tech to configure things. Once I get it working I will let everyone know, or if not, why it doesn't work... Thanks Larry -Original Message- From: Jennifer Mellone [mailto:jmellone;speakeasy.net] Sent: Wednesday, October 23, 2002 10:49 PM To: [EMAIL PROTECTED] Subject: RE: 4006 IP Phone DHCP problem [7:56049] Larry, Don't mind me, I'm not challenging the configs, just trying to learn - sometimes Cisco's website can be very unclear to me ;-) I forgot to ask - How are those Avaya phones working out compared to Cisco phones? - Jennifer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56224t=56049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4006 IP Phone DHCP problem [7:56049]
Larry, I noticed you have the command switchport trunk encapsulation dot1q. Do you need to configure the interface/port as a trunk when you do the set port auxiliaryvlan command (catos) or the switch voice vlan command (ios switch)? According to Cisco's website, you don't for a catos switch, but you do for an ios switch: Check this out: http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/network/dgcampus.htm#xtocid364019 NO TRUNKING HERE ON CATOS SWITCH: Voice VLAN Configuration To configure the VVID from the Catalyst software CLI, use the set port auxiliaryvlan command. You can use this command to set the VVID on a single port, on a range of ports, or for an entire module. The following example shows how to display the command syntax: Console (enable) set port auxiliaryvlan help Usage: set port auxiliaryvlan (vlan + 1..1000) In the following example, the VVID is set to 222 for ports 2/1 through 2/3. When the phone powers up, the switch instructs it to register with VLAN 222. Console (enable) set port auxiliaryvlan 2/1-3 222 Auxiliaryvlan 222 configuration successful. The following examples show how to display which ports are in which auxiliary VLAN: Console show port auxiliaryvlan 222 AuxiliaryVlan auxVlanStatus Mod/Ports - - - 222 222 1/2,2/1-3 Console show port 2/1 Port AuxiliaryVlan AuxVlan-Status - - -- 2.1 222 active - TRUNKING HERE ON IOS SWITCH: The following is an example of VVID configuration on Catalyst switches running Cisco IOS at the interface level (for example, Catalyst 3524-PWR and 2900XL): interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport trunk native vlan switchport mode trunk switchport voice vlan spanning-tree portfast switchport mode trust - Jennifer PS - are you going to trust the CoS going from phone to switch? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56182t=56049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4006 IP Phone DHCP problem [7:56049]
Larry, Don't mind me, I'm not challenging the configs, just trying to learn - sometimes Cisco's website can be very unclear to me ;-) I forgot to ask - How are those Avaya phones working out compared to Cisco phones? - Jennifer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56183t=56049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4006 IP Phone DHCP problem [7:56049]
Damn phones, Don't they make you feel stupid sometimes. Great work Larry. jb -Original Message- From: Roberts, Larry [mailto:Larry.Roberts;expanets.com] Sent: Wednesday, October 23, 2002 10:57 AM To: John Brandis Subject: RE: 4006 IP Phone DHCP problem [7:56049] The Fix was to run a newer version of code on the phones. We swapped to p00303020213 and that fixed it, or so it appears. We will know more after testing tomorrow. Larry -Original Message- From: John Brandis [mailto:john.brandis;solution6.com] Sent: Monday, October 21, 2002 10:26 PM To: 'Roberts, Larry' Subject: RE: 4006 IP Phone DHCP problem [7:56049] My problem which is hopefully something to look into, was that there was a config on the phones themselves that played havoc with what I was telling the switch to do. Hopefully this will solve your problems as it does not , according to your config and what TAC suggests, and issue with the config of the 4006. -Original Message- From: Roberts, Larry [mailto:Larry.Roberts;expanets.com] Sent: Tuesday, October 22, 2002 1:21 PM To: John Brandis Subject: RE: 4006 IP Phone DHCP problem [7:56049] Running Cisco 7960's and some Avaya phones as well, although I don't know their model number. I don't remember what I did to help, but glad I could do it! If I come up with an answer I will let you know.. Larry -Original Message- From: John Brandis [mailto:john.brandis;solution6.com] Sent: Monday, October 21, 2002 9:39 PM To: 'Roberts, Larry' Subject: RE: 4006 IP Phone DHCP problem [7:56049] I am very interested as I just purchased a 4006 to do the exact same setup. Whats the phone type you are using, hopefully not a NEC ? John Sydney, Australia Ps: thanks for helping with my VoIP issues last month. -Original Message- From: Roberts, Larry [mailto:Larry.Roberts;expanets.com] Sent: Tuesday, October 22, 2002 12:19 PM To: [EMAIL PROTECTED] Subject: 4006 IP Phone DHCP problem [7:56049] Hey folks, Im hoping that one of you can help me with a problem. I have a 4006 with a SUPIII running 2 VLAN's. The Data VLAN is VLAN 1 and the Voice VLAN is VLAN 200. I have a DHCP server on VLAN 1 with the proper scopes defined. My problem is that the phone is getting a VLAN 1 ip address, not a VLAN 200. Standard IP phone config: interface FastEthernet x/x description IP Phone switchport trunk encapsulation dot1q switchport mode trunk switchport voice vlan 200 no snmp trap link-status spanning-tree portfast Now if I hardcode the switchport to VLAN 200 with a switchport access vlan 200 and switchport mode access, it works fine. I did a debug on the SUPIII and I see the bootp request come in on VLAN 200, and I can see the SUP III set the GIADDR to the VLAN 200 address. I had the onsite tech take a look at the phone, and it see's itself as on VLAN 200, so I don't understand why the request is being met with a VLAN 1 ip. I know that the scopes are correct because hard coding the interface makes it work. I know that the VLAN interface configuration is correct because it works when the port is hard coded to the correct interface. I suspected that CEF was preventing the router from setting the GIADDR of the packet, but debug shows it doing it so now I am lost. I tried the standard no ip route-cache / mroute-cache but that hasn't helped. I don't know if it's a software bug or what, but I am at a loss. Anybody done this before ? I have several 3500's running this configuration and they work fine, so I am beginning to wonder if it isn't in the SUP III that is causing the issue. Perhaps it says its rewriting the GIADDR, but its not. IOS used: System image file is bootflash:cat4000-is-mz.121-12c.EW.bin Any help/thoughts/verbal abuse is appreciated. I have a TAC case open to see what I'm doing wrong, but they aren't seeing anything config wise being the problem so I thought I would try the experts over here. Thanks Larry ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56116t=56049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations
4006 IP Phone DHCP problem [7:56049]
Hey folks, Im hoping that one of you can help me with a problem. I have a 4006 with a SUPIII running 2 VLAN's. The Data VLAN is VLAN 1 and the Voice VLAN is VLAN 200. I have a DHCP server on VLAN 1 with the proper scopes defined. My problem is that the phone is getting a VLAN 1 ip address, not a VLAN 200. Standard IP phone config: interface FastEthernet x/x description IP Phone switchport trunk encapsulation dot1q switchport mode trunk switchport voice vlan 200 no snmp trap link-status spanning-tree portfast Now if I hardcode the switchport to VLAN 200 with a switchport access vlan 200 and switchport mode access, it works fine. I did a debug on the SUPIII and I see the bootp request come in on VLAN 200, and I can see the SUP III set the GIADDR to the VLAN 200 address. I had the onsite tech take a look at the phone, and it see's itself as on VLAN 200, so I don't understand why the request is being met with a VLAN 1 ip. I know that the scopes are correct because hard coding the interface makes it work. I know that the VLAN interface configuration is correct because it works when the port is hard coded to the correct interface. I suspected that CEF was preventing the router from setting the GIADDR of the packet, but debug shows it doing it so now I am lost. I tried the standard no ip route-cache / mroute-cache but that hasn't helped. I don't know if it's a software bug or what, but I am at a loss. Anybody done this before ? I have several 3500's running this configuration and they work fine, so I am beginning to wonder if it isn't in the SUP III that is causing the issue. Perhaps it says its rewriting the GIADDR, but its not. IOS used: System image file is bootflash:cat4000-is-mz.121-12c.EW.bin Any help/thoughts/verbal abuse is appreciated. I have a TAC case open to see what I'm doing wrong, but they aren't seeing anything config wise being the problem so I thought I would try the experts over here. Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56049t=56049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX as a DHCP relay agent [7:55785]
Ashraf Hozayen wrote: Hi, Use the dhcpd enable command to turn on DHCP daemon on PIX , That doesn't turn it into a DHCP relay agent, though, does it? I think you need a router for that. A DHCP relay agent forwards DHCP broadcasts to a server not on the local LAN. It's accomplished on a router by configuring an IP helper address on the incoming interface where the clients reside. The IP helper address points to the server. The router than forwards the UDP broadcasts to port 67 over to the server. This solves the problem where DHCP clients reside on a different LAN from the DHCP server. The problem that you are addressing is a different problem. Priscilla The PIX Firewall DHCP client can only be enabled on the outside interface. DHCP client support within the PIX Firewall is designed for use within a small office, home office (SOHO) environment using a PIX Firewall that is directly connected to a DSL or cable modem that supports the DHCP server function. Ashraf Hozayen Network Engineer CCNA,CCNP ,CCIE MCP Cisco Security Specialist 1 VAS Network IT Dept. Vodafone Egypt Direct No: +20-2-529-2824 Fax No: +20-2-5292-499 Cellular No : +20-105-372-020 E-mail: [EMAIL PROTECTED] -Original Message- From: Osama Kamal [mailto:OKamal;Mobinil.com] Sent: 17 October 2002 09:11 AM To: [EMAIL PROTECTED] Subject: PIX as a DHCP relay agent [7:55785] 2 questions: Can the PIX work as a DHCP relay agent? What are the ports required to be opened on the pix to allow DHCP relay agent traffic to pass through? Thanks *** Important Confidentiality: This communication is intended for the above named person and is confidential and/or legally privileged any opinion expressed in this communication are not necessarily those of the Egyptian company for Mobile Services (MobiNiL). If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone: please delete/destroy and inform the sender immediately. No Responsibility: MobiNiL is not responsible for any political, religious, racial or partisan opinion in any correspondence conducted by its domain users. Therefore, any such opinion expressed, whether explicitly or implicitly, in any said correspondence is not to be interpreted as that of MobiNiL. Monitoring / Viruses: MobiNiL may monitor all incoming outgoing e-mails in line with current legislation. Although we have taken steps to ensure that this e-mail and attachments are free from any Virus, we advise that in keeping with good computing practice the recepient should ensure they are actuallyvirus free. The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt Telephone: +20 2 574 - 7000 or + 20 12 320 - Fax: +20 2 574 - 7111 or +20 12 320- 7111 *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55895t=55785 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX as a DHCP relay agent [7:55785]
2 questions: Can the PIX work as a DHCP relay agent? What are the ports required to be opened on the pix to allow DHCP relay agent traffic to pass through? Thanks *** Important Confidentiality: This communication is intended for the above named person and is confidential and/or legally privileged any opinion expressed in this communication are not necessarily those of the Egyptian company for Mobile Services (MobiNiL). If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone: please delete/destroy and inform the sender immediately. No Responsibility: MobiNiL is not responsible for any political, religious, racial or partisan opinion in any correspondence conducted by its domain users. Therefore, any such opinion expressed, whether explicitly or implicitly, in any said correspondence is not to be interpreted as that of MobiNiL. Monitoring / Viruses: MobiNiL may monitor all incoming outgoing e-mails in line with current legislation. Although we have taken steps to ensure that this e-mail and attachments are free from any Virus, we advise that in keeping with good computing practice the recepient should ensure they are actuallyvirus free. The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt Telephone: +20 2 574 - 7000 or + 20 12 320 - Fax: +20 2 574 - 7111 or +20 12 320- 7111 *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55785t=55785 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX as a DHCP relay agent [7:55785]
Hi, Use the dhcpd enable command to turn on DHCP daemon on PIX , The PIX Firewall DHCP client can only be enabled on the outside interface. DHCP client support within the PIX Firewall is designed for use within a small office, home office (SOHO) environment using a PIX Firewall that is directly connected to a DSL or cable modem that supports the DHCP server function. Ashraf Hozayen Network Engineer CCNA,CCNP ,CCIE MCP Cisco Security Specialist 1 VAS Network IT Dept. Vodafone Egypt Direct No: +20-2-529-2824 Fax No: +20-2-5292-499 Cellular No : +20-105-372-020 E-mail: [EMAIL PROTECTED] -Original Message- From: Osama Kamal [mailto:[EMAIL PROTECTED]] Sent: 17 October 2002 09:11 AM To: [EMAIL PROTECTED] Subject:PIX as a DHCP relay agent [7:55785] 2 questions: Can the PIX work as a DHCP relay agent? What are the ports required to be opened on the pix to allow DHCP relay agent traffic to pass through? Thanks *** Important Confidentiality: This communication is intended for the above named person and is confidential and/or legally privileged any opinion expressed in this communication are not necessarily those of the Egyptian company for Mobile Services (MobiNiL). If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone: please delete/destroy and inform the sender immediately. No Responsibility: MobiNiL is not responsible for any political, religious, racial or partisan opinion in any correspondence conducted by its domain users. Therefore, any such opinion expressed, whether explicitly or implicitly, in any said correspondence is not to be interpreted as that of MobiNiL. Monitoring / Viruses: MobiNiL may monitor all incoming outgoing e-mails in line with current legislation. Although we have taken steps to ensure that this e-mail and attachments are free from any Virus, we advise that in keeping with good computing practice the recepient should ensure they are actuallyvirus free. The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt Telephone: +20 2 574 - 7000 or + 20 12 320 - Fax: +20 2 574 - 7111 or +20 12 320- 7111 *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55788t=55785 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX as a DHCP relay agent [7:55785]
Hi I dont think you can make PIX DHCP Relay Agent , athough you can make router as DHCP relay agent(by using IP Helper Address) or make your Windows 2000 Server as DHCP Relay agent. -- Curious MCSE, CCNP Ashraf Hozayen wrote in message news:200210170740.HAA27183;groupstudy.com... Hi, Use the dhcpd enable command to turn on DHCP daemon on PIX , The PIX Firewall DHCP client can only be enabled on the outside interface. DHCP client support within the PIX Firewall is designed for use within a small office, home office (SOHO) environment using a PIX Firewall that is directly connected to a DSL or cable modem that supports the DHCP server function. Ashraf Hozayen Network Engineer CCNA,CCNP ,CCIE MCP Cisco Security Specialist 1 VAS Network IT Dept. Vodafone Egypt Direct No: +20-2-529-2824 Fax No: +20-2-5292-499 Cellular No : +20-105-372-020 E-mail: [EMAIL PROTECTED] -Original Message- From: Osama Kamal [mailto:OKamal;Mobinil.com] Sent: 17 October 2002 09:11 AM To: [EMAIL PROTECTED] Subject: PIX as a DHCP relay agent [7:55785] 2 questions: Can the PIX work as a DHCP relay agent? What are the ports required to be opened on the pix to allow DHCP relay agent traffic to pass through? Thanks *** Important Confidentiality: This communication is intended for the above named person and is confidential and/or legally privileged any opinion expressed in this communication are not necessarily those of the Egyptian company for Mobile Services (MobiNiL). If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone: please delete/destroy and inform the sender immediately. No Responsibility: MobiNiL is not responsible for any political, religious, racial or partisan opinion in any correspondence conducted by its domain users. Therefore, any such opinion expressed, whether explicitly or implicitly, in any said correspondence is not to be interpreted as that of MobiNiL. Monitoring / Viruses: MobiNiL may monitor all incoming outgoing e-mails in line with current legislation. Although we have taken steps to ensure that this e-mail and attachments are free from any Virus, we advise that in keeping with good computing practice the recepient should ensure they are actuallyvirus free. The Egyptian Company for Mobile Services (MobiNiL) www.mobinil.com The World Trade Center: 1191 Corniche El Nil, Boulaq - Cairo - Egypt Telephone: +20 2 574 - 7000 or + 20 12 320 - Fax: +20 2 574 - 7111 or +20 12 320- 7111 *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55815t=55785 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Token Ring on DHCP?? [7:55847]
Hello, I have a router configured with DHCP server. Any other router connected to the same switch gets an ip address via DHCP from this router but my token ring interface is also grabbing an ip, even though it's admin down. I am wondering how? Is this how it works? Even possible. Please advise. Thank you. Sincerely, RTB#i InterfaceIP-Address OK? Method StatusProtocol Ethernet010.10.10.103YES BOOTP upup Serial0 unassigned YES unset administratively down down Serial1 unassigned YES unset administratively down down TokenRing0 10.10.10.104YES BOOTP administratively down down _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55847t=55847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token Ring on DHCP?? [7:55847]
Cisco Nuts wrote: Hello, I have a router configured with DHCP server. Any other router connected to the same switch gets an ip address via DHCP from this router but my token ring interface is also grabbing an ip, even though it's admin down. I am wondering how? Is this how it works? Even possible. Please advise. Thank you. Sincerely, RTB#i InterfaceIP-Address OK? Method Status Protocol Ethernet010.10.10.103YES BOOTP upup Serial0 unassigned YES unset administratively down down Serial1 unassigned YES unset administratively down down TokenRing0 10.10.10.104YES BOOTP administratively down down _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55856t=55847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token Ring on DHCP?? [7:55847]
Sorry, the up arrow key is in the same place as the Post button when you try to read this from Internet Explorer on a Mac. They overlap. It's a bug in the user interface. I didn't mean to post! :-) But now, that I'm here, I must say this sounds like a bug. What version of IOS are you using? Priscilla Priscilla Oppenheimer wrote: Cisco Nuts wrote: Hello, I have a router configured with DHCP server. Any other router connected to the same switch gets an ip address via DHCP from this router but my token ring interface is also grabbing an ip, even though it's admin down. I am wondering how? Is this how it works? Even possible. Please advise. Thank you. Sincerely, RTB#i InterfaceIP-Address OK? Method Status Protocol Ethernet010.10.10.103YES BOOTP up up Serial0 unassigned YES unset administratively down down Serial1 unassigned YES unset administratively down down TokenRing0 10.10.10.104YES BOOTP administratively down down _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55857t=55847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Inside Interface accepts DHCP lease...but it has a static [7:55094]
There is a router/modem connecting to the ISP using PPoA. This router was in place and works...the customer just wanted some packet filtering as well ( which the router in place does not provide ). So I am using a Cisco SOHO 71. E1 is the outside interface which connects to the inside interface of the existing router. E1 has a static ip of 172.16.0.2 ( there is no ip address dhcp it is ip address 172.16.0.2 255.255.255.0 E0 has ip address 192.168.0.9 255.255.255.0 There is a static route on the existing ( non Cisco ) router pointing all 192.168.0.0/24 destined traffic back to 172.16.0.2 ( E1 of Cisco ). There is also a default route on the cisco pointing to 172.16.0.1 ( the inside interface of the non-cisco router ) The non-cisco router does NAT INTERNET-WANinterface(non-Cisco Router)172.16.0.1(inside) | | Win2000Server(DHCP)--|--192.168.0.9(E0)(Cisco SOHO71)172.16.0.2(E1) | | LAN Every few days ( there doesn't seem to be an exact regularity yet), interface E0's ip address will change. So far it has always changed to 192.168.0.16. If I view the DHCP Manager in Windows 2000 Server, it indicates that IP address associated with the router. The config of e0 ( when working normal) looks like this: Interface Ethernet 0 ip address 192.168.0.9 255.255.255.0 Any ideas??? I think I will configure syslog debugging level and turn on dhcp debugging. With that I should get at very least the moment that the address changes...and hopefully some dhcp debug output. I suppose I could also put a sniffer in and try to detect it. Thanks Erick B. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That is strange. What type of router and IOS version? Just to clarify, the interface has 'ip address x.x.x.x y.y.y.y' config and not 'ip address dhcp' with a static DHCP assigned address. Being DSL, is it PPPoE by chance? Does e0 connect to DSL/Internet and e1 to their network or vice versa? --- Dain Deutschman wrote: Hi all, I have a problem with a client on a dsl connection. Ethernet 0 and 1 both have statically assigned IP addresses. I leave the customer site and 3 days later they call and have no internet. I check the router config and E0 has the wrong IP address. I check the Win2000 DHCP server and that address is listed as leased to the router. Any ideas why the router is allowing this to happen? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager [EMAIL PROTECTED] __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos More http://faith.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55094t=55094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Which IOS version has the DHCP server software? [7:55102]
Which IOS release has the DHCP server software? It is for a 25xx router. IP IP PLUS IP ENTERPRISE IP SP Thanks... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55102t=55102 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which IOS version has the DHCP server software? [7:55102]
I'm pretty sure its the enterprise version, I was looking for the same thing on my 2500s and couldn't find an IOS with it enabled. I didn't have enough RAM/Flash for enterprise so I'm assuming it is enterprise that has it. r34rv13wm1rr0r wrote: Which IOS release has the DHCP server software? It is for a 25xx router. IP IP PLUS IP ENTERPRISE IP SP Thanks... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55108t=55102 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which IOS version has the DHCP server software? [7:55102]
Try http://www.cisco.com/go/fn The feature navigator is a blessing when looking for certain things in an IOS. --- Ben W wrote: I'm pretty sure its the enterprise version, I was looking for the same thing on my 2500s and couldn't find an IOS with it enabled. I didn't have enough RAM/Flash for enterprise so I'm assuming it is enterprise that has it. r34rv13wm1rr0r wrote: Which IOS release has the DHCP server software? It is for a 25xx router. IP IP PLUS IP ENTERPRISE IP SP Thanks... [EMAIL PROTECTED] __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos More http://faith.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55112t=55102 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which IOS version has the DHCP server software? [7:55102]
Have a look at the Software Advisor and search by Feature: http://www.cisco.com/cgi-bin/Support/CompNav/Index.pl Search on DHCP Server-Easy IP Phase 2 which is first available in 12.0T, platform specific to some releases. They show it first on the 2500 in 12.0(1)T, and it is available in all feature sets therefore IP should have it. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t1/easyip2.htm#xtocid138 -- David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 12:59 PM To: [EMAIL PROTECTED] Subject: RE: Which IOS version has the DHCP server software? [7:55102] I'm pretty sure its the enterprise version, I was looking for the same thing on my 2500s and couldn't find an IOS with it enabled. I didn't have enough RAM/Flash for enterprise so I'm assuming it is enterprise that has it. r34rv13wm1rr0r wrote: Which IOS release has the DHCP server software? It is for a 25xx router. IP IP PLUS IP ENTERPRISE IP SP Thanks... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55115t=55102 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Which IOS version has the DHCP server software? [7:55102]
Hi, For DHCP on 25xx you'll need at least 12.x IP. Regards Igor r34rv13wm1rr0r wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Which IOS release has the DHCP server software? It is for a 25xx router. IP IP PLUS IP ENTERPRISE IP SP Thanks... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55119t=55102 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Inside Interface accepts DHCP lease...but it has a static [7:54998]
Hi all, I have a problem with a client on a dsl connection. Ethernet 0 and 1 both have statically assigned IP addresses. I leave the customer site and 3 days later they call and have no internet. I check the router config and E0 has the wrong IP address. I check the Win2000 DHCP server and that address is listed as leased to the router. Any ideas why the router is allowing this to happen? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54998t=54998 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Inside Interface accepts DHCP lease...but it has a static [7:55066]
That is strange. What type of router and IOS version? Just to clarify, the interface has 'ip address x.x.x.x y.y.y.y' config and not 'ip address dhcp' with a static DHCP assigned address. Being DSL, is it PPPoE by chance? Does e0 connect to DSL/Internet and e1 to their network or vice versa? --- Dain Deutschman wrote: Hi all, I have a problem with a client on a dsl connection. Ethernet 0 and 1 both have statically assigned IP addresses. I leave the customer site and 3 days later they call and have no internet. I check the router config and E0 has the wrong IP address. I check the Win2000 DHCP server and that address is listed as leased to the router. Any ideas why the router is allowing this to happen? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager [EMAIL PROTECTED] __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos More http://faith.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55066t=55066 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54698]
No it's always the Id-10-t's! (that's us ... Humans!) Routers and servers always work, until we decide to configure them ;-) Sorry for getting so late into this thread,only catching up with emails now, The problem with hibernating / and suspend on w2k/WinXP computers, is also this: If the user suspends or hibernates his computer, goes to another location, First plugs the NIC Cable in and then resumes from his session, the OS will keep the old DHCP address. The computer doesn't realise that the network location has changed. Of course if you resume and THEN plug in the cable, it would get sorted out, unless the new location doesn't have a DHCP server, in which case, WinDows will tell you that an error has occurred while reconnecting to the network. Hope this helps (although it may be a bit too late) Manish -Original Message- From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] Sent: 01 October 2002 22:23 To: [EMAIL PROTECTED] Subject: Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54661] fortunately, smarter people than I took the troubleshooting. The problem was this: The Network Admin decided to use a DHCP super scope on the Win2K server, with several DHCP subscopes ( one for each office ) underneath. He had understood that the purpose of the superscope was to pass values common to all subscopes - things like NTP server, DNS server, SMTP server - while things like the default gateway would remain with the sub scopes. Turns out this was a misunderstanding. The superscope ( apparently, if I understand what I am being told ) is only for segments where there are numbers of subnets on the same wire. This actually might explain why Microsoft tech support misunderstood what was happening, and gave the seemingly ludicrous advice to revert back to a Big Flat Bridged Network. They were actually saying something else, but we misinterpreted. As of today, the customer is testing, without the superscope in place, and all appears well. Win2K and WinXP workstations are mobile, and are behaving the way many of you described as proper. See- the problem is always a server problem. It's NEVER the routers ;- Chuck Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Evans, TJ wrote: IIRC: Win2k and later detect 'cable disconnects', and de-IP your system. Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. Not to beat this to death, but that must indeed be the explanation. W2K and XP recognize when the user connects the Ethernet cable and resend a DHCP request, assuming DHCP is being used. So when the PC is moved to a new location and new subnet, it gets a proper address without any user twidling beyond inserting the cable. This seems too smart for Windoze, but I can't think of any other explanataion. So, Chuck's users are using W2K and XP. What could they be doing wrong?? Also, of course, this doesn't solve the problem for wireless users. That's not what Chuck was asking about, but it's still an interesting issue. They could benefit from Mobile IP. (I really want to recommend that. ;-) The reason I say that the cable insertion theory is the explanation is that there's no other way for the operating system and protocol stack to know that it needs to send a new DHCP request. Remember, we're talking about laptops that haven't been shut down. (Maybe they go to sleep though? Awaking from sleep might also cause a new DHCP request?) The PC can't tell that it's on a different network by just looking at packets. Even though it could see the IP addresses being used by other devices, it couldn't know the subnet mask and default gateway to use. Contrast this with AppleTalk, which solved this problem years ago. ;-) An AppleTalk end node hears the incessant RTMPs coming from routers. Not only does the end node learn the address of a gateway to use from that, but it also learns its own network number because the local net number is always the first one in the RTMP packet. Of course, the tradeoff was those incessant RTMPs. ;-) But moving a Mac to a new network has always been pretty straightforward, despite a rather annoying message that comes up and confuses users. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Thanks! TJ -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by t
Re: OT: Serves Me Right - DHCP problem [7:54402]
Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by the above functionno mobile ip..no special setup..just like Darrell said... Larry Chuck's Long Road wrote: well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has been problematic for a lot of reasons, so it is not unusual for a round of e-mails from the customer complaining about one thing or another. Today was a good one, however. Shows to go you have to ask things you normally wouldn't think about. DHCP - no big deal. Works fine. All of us have probably used it or configured it. All of us probably have experience with running several small sites off a single DHCP server at a central site. So why is the customer complaining about DHCP not working, and it's because our routers are screwed up and Microsoft told them that they would have to change their network addressing to a single class B rather than subnets of /16 space, the way I designed it? The routers are configured correctly. The network is designed correctly - no overlapping subnets. IP helpering
RE: OT: Serves Me Right - DHCP problem [7:54402]
Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. Thanks! TJ -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by the above functionno mobile ip..no special setup..just like Darrell said... Larry Chuck's Long Road wrote: well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has been problematic for a lot of reasons, so it is not unusual for a round of e-mails from the customer complaining about one thing or another. Today was a good one, however. Shows to go you have to ask things you normally wouldn't think about. DHCP - no big deal. Works fine. All of us have probably used it or configured it. All of us probably have experience with running several small sites off a single DHCP server at a central site. So why is the customer complaining about DHCP
RE: OT: Serves Me Right - DHCP problem [7:54402]
Hmm ... that email seemed to make more sense when I sent it ... Let's try this again- IIRC - Win2k and later detect 'cable disconnects', and de-IP your system. Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. -Original Message- From: Evans, TJ [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:49 PM To: [EMAIL PROTECTED] Subject: RE: OT: Serves Me Right - DHCP problem [7:54402] Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. Thanks! TJ -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by the above functionno mobile ip..no special setup..just like Darrell said... Larry Chuck's Long Road wrote: well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has be
RE: OT: Serves Me Right - DHCP problem [7:54402]
Evans, TJ wrote: IIRC: Win2k and later detect 'cable disconnects', and de-IP your system. Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. Not to beat this to death, but that must indeed be the explanation. W2K and XP recognize when the user connects the Ethernet cable and resend a DHCP request, assuming DHCP is being used. So when the PC is moved to a new location and new subnet, it gets a proper address without any user twidling beyond inserting the cable. This seems too smart for Windoze, but I can't think of any other explanataion. So, Chuck's users are using W2K and XP. What could they be doing wrong?? Also, of course, this doesn't solve the problem for wireless users. That's not what Chuck was asking about, but it's still an interesting issue. They could benefit from Mobile IP. (I really want to recommend that. ;-) The reason I say that the cable insertion theory is the explanation is that there's no other way for the operating system and protocol stack to know that it needs to send a new DHCP request. Remember, we're talking about laptops that haven't been shut down. (Maybe they go to sleep though? Awaking from sleep might also cause a new DHCP request?) The PC can't tell that it's on a different network by just looking at packets. Even though it could see the IP addresses being used by other devices, it couldn't know the subnet mask and default gateway to use. Contrast this with AppleTalk, which solved this problem years ago. ;-) An AppleTalk end node hears the incessant RTMPs coming from routers. Not only does the end node learn the address of a gateway to use from that, but it also learns its own network number because the local net number is always the first one in the RTMP packet. Of course, the tradeoff was those incessant RTMPs. ;-) But moving a Mac to a new network has always been pretty straightforward, despite a rather annoying message that comes up and confuses users. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Thanks! TJ -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by the above functionno mobile ip..no special setup..just like Darrell said... Larry Chuck's Long Road wrote: well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM b
RE: OT: Serves Me Right - DHCP problem [7:54402]
This may seem like too simple of a solution (no such thing though right?) But my approach to this problem for a consulting client who floats from network to network with a wireless NIC was to just make him a batch file and put a shortcut to it on his desktop. The batch file has two commands in it: ipconfig/release ipconfig/renew (naturally, a win98 machine needs ipconfig/release_all and ipconfig/renew_all) And I told him to double-click that icon if he ever wasn't getting network traffic. Of course, I got the usual end user questions - why do I have to do this, isn't there a way that I can go from work to home and not have to click this icon, etc... I told him his other option was to get billed for me to make an on-site visit to do the same thing, and it hasn't been an issue since. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 2:55 PM To: [EMAIL PROTECTED] Subject: RE: OT: Serves Me Right - DHCP problem [7:54402] Evans, TJ wrote: IIRC: Win2k and later detect 'cable disconnects', and de-IP your system. Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. Not to beat this to death, but that must indeed be the explanation. W2K and XP recognize when the user connects the Ethernet cable and resend a DHCP request, assuming DHCP is being used. So when the PC is moved to a new location and new subnet, it gets a proper address without any user twidling beyond inserting the cable. This seems too smart for Windoze, but I can't think of any other explanataion. So, Chuck's users are using W2K and XP. What could they be doing wrong?? Also, of course, this doesn't solve the problem for wireless users. That's not what Chuck was asking about, but it's still an interesting issue. They could benefit from Mobile IP. (I really want to recommend that. ;-) The reason I say that the cable insertion theory is the explanation is that there's no other way for the operating system and protocol stack to know that it needs to send a new DHCP request. Remember, we're talking about laptops that haven't been shut down. (Maybe they go to sleep though? Awaking from sleep might also cause a new DHCP request?) The PC can't tell that it's on a different network by just looking at packets. Even though it could see the IP addresses being used by other devices, it couldn't know the subnet mask and default gateway to use. Contrast this with AppleTalk, which solved this problem years ago. ;-) An AppleTalk end node hears the incessant RTMPs coming from routers. Not only does the end node learn the address of a gateway to use from that, but it also learns its own network number because the local net number is always the first one in the RTMP packet. Of course, the tradeoff was those incessant RTMPs. ;-) But moving a Mac to a new network has always been pretty straightforward, despite a rather annoying message that comes up and confuses users. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Thanks! TJ -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by the above functionno mobile ip..no special setup..just like Darrell said... Larry Chuck's Long Road wrote: well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user exp
Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54661]
fortunately, smarter people than I took the troubleshooting. The problem was this: The Network Admin decided to use a DHCP super scope on the Win2K server, with several DHCP subscopes ( one for each office ) underneath. He had understood that the purpose of the superscope was to pass values common to all subscopes - things like NTP server, DNS server, SMTP server - while things like the default gateway would remain with the sub scopes. Turns out this was a misunderstanding. The superscope ( apparently, if I understand what I am being told ) is only for segments where there are numbers of subnets on the same wire. This actually might explain why Microsoft tech support misunderstood what was happening, and gave the seemingly ludicrous advice to revert back to a Big Flat Bridged Network. They were actually saying something else, but we misinterpreted. As of today, the customer is testing, without the superscope in place, and all appears well. Win2K and WinXP workstations are mobile, and are behaving the way many of you described as proper. See- the problem is always a server problem. It's NEVER the routers ;- Chuck Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Evans, TJ wrote: IIRC: Win2k and later detect 'cable disconnects', and de-IP your system. Strangely, they also detect 'cable reconnects' and attempt to re-IP (via DHCP, or autoconfig if enabled) you at that time. Not to beat this to death, but that must indeed be the explanation. W2K and XP recognize when the user connects the Ethernet cable and resend a DHCP request, assuming DHCP is being used. So when the PC is moved to a new location and new subnet, it gets a proper address without any user twidling beyond inserting the cable. This seems too smart for Windoze, but I can't think of any other explanataion. So, Chuck's users are using W2K and XP. What could they be doing wrong?? Also, of course, this doesn't solve the problem for wireless users. That's not what Chuck was asking about, but it's still an interesting issue. They could benefit from Mobile IP. (I really want to recommend that. ;-) The reason I say that the cable insertion theory is the explanation is that there's no other way for the operating system and protocol stack to know that it needs to send a new DHCP request. Remember, we're talking about laptops that haven't been shut down. (Maybe they go to sleep though? Awaking from sleep might also cause a new DHCP request?) The PC can't tell that it's on a different network by just looking at packets. Even though it could see the IP addresses being used by other devices, it couldn't know the subnet mask and default gateway to use. Contrast this with AppleTalk, which solved this problem years ago. ;-) An AppleTalk end node hears the incessant RTMPs coming from routers. Not only does the end node learn the address of a gateway to use from that, but it also learns its own network number because the local net number is always the first one in the RTMP packet. Of course, the tradeoff was those incessant RTMPs. ;-) But moving a Mac to a new network has always been pretty straightforward, despite a rather annoying message that comes up and confuses users. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Thanks! TJ -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Nothing to fess up to, Chuck..My w2K works the same way at home.. connect, get a number..disconnect and reconnect , get a different number.. Linksys routers are pretty simple devices...I have two of them currently and both give out dhcp on different subnets...I can get an address from either one by the above functionno mobile ip..no special setup..just like Darrell said... Larry Chuck's Long Road wrote: well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building witho
Re: OT: Serves Me Right - DHCP problem [7:54402]
Kevin Wigle wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... W2K/XP does that automatically. If you have the icon turned on in the system tray for the nic, you will see when the cable is unplugged and when it is plugged in again. (you don't need it turned on to work) this has been stated somewhere before in this thread. That was me trying to keep everyone's perspective of the pre-w2k clients on the described network. But I didn't realize there were problems with w2k clients as well at that point. But Chuck says he has W2K/XP and it isn't working. (for everybody). Why is it working for some and not others? In our lab we sometimes punch a PC from one segment to another. When it doesn't work we just unplug and replug and it usually works the 2nd time. Oh I didn't catch that part of the problem description. I thought the users were all 98/NT4. If that were so, it would be perfectly expected what's happening. Sounds like it's time to get the sniffer working. Yes it really does sound like time to look at L2 and the ACTUAL details of this situation. Could be a variety of things but the packet capture should show the cards. After solving those though there is still the pre-w2k clients which aren't disappearing tomorrow. IMHO the traditional way to handle this before many clients did the automatic renewal upon link up was to: a)make the mobile access ports on one VLAN per building(or conveniently close geographic footprint) b)with caution tune lease times downward for those access VLANs to roughly the time it would take to travel from one building/campus to another Some folks also: -got fancy with meeting the concept behind A and did things based upon mac prefixes. -just educated folks to release and acquire a new address or reboot(doesn't help Chuck's situation much) Darrell Service Advisor http://www.netswitch.net Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54576t=54402 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: Serves Me Right - DHCP problem [7:54402]
Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has been problematic for a lot of reasons, so it is not unusual for a round of e-mails from the customer complaining about one thing or another. Today was a good one, however. Shows to go you have to ask things you normally wouldn't think about. DHCP - no big deal. Works fine. All of us have probably used it or configured it. All of us probably have experience with running several small sites off a single DHCP server at a central site. So why is the customer complaining about DHCP not working, and it's because our routers are screwed up and Microsoft told them that they would have to change their network addressing to a single class B rather than subnets of /16 space, the way I designed it? The routers are configured correctly. The network is designed correctly - no overlapping subnets. IP helpering is configured correctly. Problem occurs with several users, different NIC's, either Win2K or WinXP. No one common factor. Worked just fine before we put the new routers in. Recognizing that Microsoft is full of C**P and their TCP stack is S**T, still, why the problem. Gee, what happens to DHCP when you go from a single flat bridged network to a segmented routed network? Especially to mobile users, who travel from site to site for various reasons on a regular basis? Serves me right Chuck -- www.chuckslongroad.info like my web site? take the survey! -- Larry Letterman Network Engineer C
Re: OT: Serves Me Right - DHCP problem [7:54402]
thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has been problematic for a lot of reasons, so it is not unusual for a round of e-mails from the customer complaining about one thing or another. Today was a good one, however. Shows to go you have to ask things you normally wouldn't think about. DHCP - no big deal. Works fine. All of us have probably used it or configured it. All of us probably have experience with running several small sites off a single DHCP server at a central site. So why is the customer complaining about DHCP not working, and it's because our routers are screwed up and Microsoft told them that they would have to change their network addressing to a single class B rather than subnets of /16 space, the way I designed it? The routers are configured correctly. The network is designed correctly - no overlapping subnets. IP helpering is configured correctly. Problem occurs with several users, different NIC's, either Win2K or WinXP. No one common factor. Worked just fine before we put the new routers in. Recognizing that Microsoft is full of C**P and their TCP stack is S**T, still, why the problem. Gee, what happens to DHCP when you go from a single flat bridged network to a segmented routed network? Especially to mobile users, who travel from site to site for various reasons on a regular basis? Serves me right Chuck -- www.chuckslongroad.info like my web site? take the survey! -- Larry Letterman Network Engineer Cisco Systems Inc. -- Larry Letterman Network Engineer Cisco Systems Inc. Message Posted at: http://www.groupstudy.com/fo
Re: OT: Serves Me Right - DHCP problem [7:54402]
well S*** Larry, thanks for providing that vital piece of troubleshooting relevant information! I still say you are using Mobile IP. fess up ;- Chuck -- www.chuckslongroad.info like my web site? take the survey! Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... thats why we put in wireless in all our buildings..moving around is no problem... Priscilla Oppenheimer wrote: Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has been problematic for a lot of reasons, so it is not unusual for a round of e-mails from the customer complaining about one thing or another. Today was a good one, however. Shows to go you have to ask things you normally wouldn't think about. DHCP - no big deal. Works fine. All of us have probably used it or configured it. All of us probably have experience with running several small sites off a single DHCP server at a central site. So why is the customer complaining about DHCP not working, and it's because our routers are screwed up and Microsoft told them that they would have to change their network addressing to a single class B rather than subnets of /16 space, the way I designed it? The routers are configured correctly. The network is designed correctly - no overlapping subnets. IP helpering is configured correctly. Problem occurs with several users, different NIC's, either Win2K or WinXP. No one common factor. Worked just fine before we put the new routers in. Recognizing that M
RE: OT: Serves Me Right - DHCP problem [7:54402]
well...when I unplug from my building and re-plug in next door my win2K laptop re-acquires a new network ip from the new subnet.. Is this not normal ? Its been this way ever since I have had a laptop on campus... Larry Letterman Network Engineer Cisco Systems Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, September 29, 2002 1:01 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my web site? take the survey! Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Spare us the mystery and tell us what you're getting at. :-) Did you forget to tell the DHCP server to provide the correct default gateway address to the PCs? That's my guess, since you say everything else like helper addresses, etc. is configured correctly. Just a late-night theory, waiting for Jay Leno to come on. Thanks, Priscilla Chuck's Long Road wrote: The AVVID solution I sold a few months ago is gong through implementation. This project has been problematic for a lot of reasons, so it is not unusual for a round of e-mails from the customer complaining about one thing or another. Today was a good one, however. Shows to go you have to ask things you normally wouldn't think about. DHCP - no big deal. Works fine. All of us have probably used it or configured it. All of us probably have experience with running several small sites off a single DHCP server at a central site. So why is the customer complaining about DHCP not working, and it's because our routers are screwed up and Microsoft told them that they would have to change their network addressing to a single class B rather than subnets of /16 space, the way I designed it? The routers are configured correctly. The network is designed correctly - no overlapping subnets. IP helpering is configured correctly. Problem occurs with several users, different NIC's, either Win2K or WinXP. No one common factor. Worked just fine before we put the new routers in. Recognizin
Re: OT: Serves Me Right - DHCP problem [7:54402]
this has been stated somewhere before in this thread. W2K/XP does that automatically. If you have the icon turned on in the system tray for the nic, you will see when the cable is unplugged and when it is plugged in again. (you don't need it turned on to work) W2K automatically senses that things have changed and will automatically do the update. However, Win95/Win98 does not do this. These clients will have to release/renew which of course clients aren't used to since the network was flat. If that's the way it's always been for you then you must be a youngster OR no experience with Win9x OR always worked on a flat network. I work in a large MAN (15,000+) users where we are just finishing migrating to W2K Pro from NT 4.0 and Win95 (laptops have Win98). Laptops would only acquire a new address if the lease they had had expired. If the lease has not expired (or approached the first refesh time which is one half of lease) then they will use the same address. If they have expired then they will request from DHCP to use the same address but DHCP will answer NO, and re-issue the proper IP info for that segment. But Chuck says he has W2K/XP and it isn't working. (for everybody). Why is it working for some and not others? In our lab we sometimes punch a PC from one segment to another. When it doesn't work we just unplug and replug and it usually works the 2nd time. Sounds like it's time to get the sniffer working. Kevin Wigle - Original Message - From: Larry Letterman To: Sent: Sunday, September 29, 2002 10:41 PM Subject: RE: OT: Serves Me Right - DHCP problem [7:54402] well...when I unplug from my building and re-plug in next door my win2K laptop re-acquires a new network ip from the new subnet.. Is this not normal ? Its been this way ever since I have had a laptop on campus... Larry Letterman Network Engineer Cisco Systems Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, September 29, 2002 1:01 PM To: [EMAIL PROTECTED] Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] Darrell Newcomb wrote: Because pre-W2K windows didn't automatically try to renew a lease when the ethernet interface comes back up after being down. So...if the old lease hadn't come up for renewal during the time the machine moved from point A to B.the users don't automatically get connectivity. Plus with laptops, the user expects to not have to reboot. They may just move from building to building without shutting down the laptop. It might go to sleep, but you should just be able to hit a button and keep working. It seems like a reasonable user expectation, but alas, we as networkers haven't done a good job in this area. (at least with IP) The technical issue is that the user is in a different subnet and needs a new IP address and default gateway after moving to a new building, location, whatever. Priscilla Lots of options to teach the helpdesk how to educate usersbut since it 'worked before' in Chuck's case it's seen as a (big?) problem(PITA). Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... why is that ? we have segmented avvid network across our campus. The laptops are all W2K and they work just fine without any issues on DHCP...The routers are all running hsrp and work correctly.. Chuck's Long Road wrote: I see I should have made this one a Friday Folly :- In a Big Flat Bridged Network, a mobile user unplugs the laptop at one office, drives over to the next office, plugs back in, and no further action is required. The Windoze PC has retained it's IP address, and the network doesn't care about location, because it is one big flat network. However, in the brand new ATM based AVVID ready routed network, said mobile user is now in a different segment in each location. With Windoze, you have to manually intervene. Sometimes you have to release the IP address, reload the computer, and then get your new DHCP assignment. Users don't like this. After all, now they have to do something, whereas before they did not. Never mind the higher speed, the failover capability of the routers, the new 100 mbs switches rather than 10mbs. They have to take an extra step or two in order to log in. This is normal behaviour for Windoze machines, and maybe for DHCP clients in general. I have had to do this release / renew for years. But to the customer, who is pretty naive in terms of networking, there is a problem that was caused by the new routers. To the users, there is a problem that never existed before. Like I said, serves me right. You give a customer a great new network, and you break something so rudimentary that it never would have occurred otherwise. :- -- www.chuckslongroad.info like my