Ethernet Switching
Highlighted
Ethernet Switching

EX4300 Not Passing DHCP

[ Edited ]
‎11-29-2017 12:04 PM

I have a support case open, but the engineer want to try reproducing the issue in their lab which could be a few days. So I thought I'd, ask the community as well.

 

The switches in question are EX4300s running the current JTAC recommended software(14.1X53-D45). They were installed over the weekend, and replaced EX4200s which did not have any issue.

 

I am having problems with DHCP in a primarily wireless environment.  DHCP is set up on a server and a DHCP relay pointing to that server is configured for several subnets. The initial DHCP request sequence of Discover, Offer, Request, ACK succeeds in all cases, as well, the periodic DHCP Request packets when a client requests an IP renew (or when doing ipconfig /renew) succeed. These renews are unicast to the server.

The issue is when a client roams to an access point on a new subnet. After wireless association, the client sends a DHCP Renew (broadcast this time), which the server does not see. The client repeats the DHCP Renew until it times out. Eventually, the client starts the DHCP process over again starting with a Discover, and gets an IP. This whole process is 1-3 minutes. On occasion (5% or less), it will work correctly and the server will recieve the Renew request broadcast from the relay, reply with a NAK, and the client will send the DHCP Discover immediatley and get an IP.

 

I have checked with another compuer running Wireshark and associated to the same access point, that the DHCP Renew broadcast is being forwarded by the AP, just not seen by the server.

 

This feels like a software bug to me..

6 REPLIES 6
Ethernet Switching

Re: EX4300 Not Passing DHCP

‎11-29-2017 04:23 PM

You might want to post your config so folks can take a look.

Ethernet Switching

Re: EX4300 Not Passing DHCP

[ Edited ]
‎11-30-2017 05:10 AM

That would be helpful wouldnt it:

version 14.1X53-D45.3;
system {
    host-name VC-B;
    auto-snapshot;
    time-zone America/Toronto;
    root-authentication {
        encrypted-password "$1$VoH3Jsg.$hIKeWOU2aHHPTBCr2jcJ//"; ## SECRET-DATA
    }
    services {
        ssh {
            protocol-version v2;
        }
        web-management {
            http {
                interface all;
            }
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    processes {
        dhcp-service {
            traceoptions {
                file dhcp_logfile size 10m;
                level all;
                flag all;
            }
        }
    }
    ntp {
        server 10.1.100.66;
        server 10.1.100.67;
    }
}
chassis {
    redundancy {
        graceful-switchover;
    }
}
interfaces {
    interface-range MCImaging {
        member-range ge-5/0/0 to ge-5/0/46;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members MCImaging;
                }
            }
        }
    }
    interface-range USWireless1 {
        member-range ge-0/0/0 to ge-0/0/2;
        member-range ge-0/0/45 to ge-0/0/47;
        member-range ge-1/0/0 to ge-1/0/2;
        member-range ge-1/0/45 to ge-1/0/47;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members USWireless1;
                }
            }
        }
    }
    interface-range USWireless2 {
        member-range ge-0/0/4 to ge-0/0/6;
        member-range ge-0/0/41 to ge-0/0/43;
        member-range ge-1/0/4 to ge-1/0/6;
        member-range ge-1/0/41 to ge-1/0/43;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members USWireless2;
                }
            }
        }
    }
    interface-range USWireless3 {
        member-range ge-0/0/8 to ge-0/0/10;
        member-range ge-0/0/37 to ge-0/0/39;
        member-range ge-1/0/8 to ge-1/0/10;
        member-range ge-1/0/37 to ge-1/0/39;
        member-range ge-3/0/8 to ge-3/0/12;
        member-range ge-3/0/38 to ge-3/0/42;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members USWireless3;
                }
            }
        }
    }
    interface-range MCWired {
        member-range ge-0/0/22 to ge-0/0/25;
        member-range ge-1/0/22 to ge-1/0/25;
        member-range ge-2/0/6 to ge-2/0/11;
        member-range ge-2/0/34 to ge-2/0/39;
        member-range ge-3/0/35 to ge-3/0/36;
        member-range ge-4/0/8 to ge-4/0/9;
        member-range ge-4/0/40 to ge-4/0/41;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members MCWired;
                }
            }
        }
    }
    interface-range MCVoIP {
        member ge-3/0/14;
        member-range ge-0/0/32 to ge-0/0/35;
        member-range ge-1/0/32 to ge-1/0/35;
        member-range ge-2/0/13 to ge-2/0/15;
        member-range ge-2/0/26 to ge-2/0/32;
        member-range ge-1/0/12 to ge-1/0/15;
        member-range ge-0/0/12 to ge-0/0/15;
        member-range ge-4/0/11 to ge-4/0/12;
        member-range ge-4/0/29 to ge-4/0/38;
        member-range ge-3/0/24 to ge-3/0/34;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members MCVoIP;
                }
            }
        }
    }
    interface-range MCPrinters {
        member ge-3/0/16;
        member ge-3/0/22;
        member ge-4/0/14;
        member ge-4/0/27;
        member-range ge-0/0/18 to ge-0/0/19;
        member-range ge-0/0/28 to ge-0/0/29;
        member-range ge-1/0/18 to ge-1/0/19;
        member-range ge-1/0/28 to ge-1/0/29;
        member-range ge-2/0/17 to ge-2/0/18;
        member-range ge-2/0/24 to ge-2/0/25;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members MCPrinters;
                }
            }
        }
    }
    interface-range PSWireless2 {
        member-range ge-2/0/0 to ge-2/0/2;
        member-range ge-2/0/45 to ge-2/0/47;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members PSWireless2;
                }
            }
        }
    }
    interface-range PSWireless3 {
        member-range ge-3/0/0 to ge-3/0/6;
        member-range ge-3/0/44 to ge-3/0/47;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members PSWireless3;
                }
            }
        }
    }
    interface-range PSWireless4 {
        member-range ge-4/0/0 to ge-4/0/6;
        member-range ge-4/0/43 to ge-4/0/47;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members PSWireless4;
                }
            }
        }
    }
    interface-range PSWirelessLC-DH {
        member ge-2/0/4;
        member-range ge-2/0/40 to ge-2/0/43;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members PSWirelessLC-DH;
                }
            }
        }
    }
    interface-range RSTP-EdgePorts {
        member-range ge-1/0/0 to ge-1/0/47;
        member-range ge-2/0/0 to ge-2/0/47;
        member-range ge-3/0/0 to ge-3/0/47;
        member-range ge-4/0/0 to ge-4/0/47;
        member-range ge-5/0/0 to ge-5/0/47;
        member-range ge-0/0/36 to ge-0/0/47;
        member-range ge-0/0/0 to ge-0/0/34;
    }
    ge-0/0/26 {
        description "Connection to VME Management Port";
        unit 0 {
            family inet {
                address 10.20.1.1/24;
            }
        }
    }
    ge-0/2/3 {
        unit 0 {
            family inet {
                address 10.5.0.2/24;
            }
        }
    }
    irb {
        unit 158 {
            family inet {
                address 10.1.158.1/24;
            }
        }
        unit 1054 {
            family inet {
                address 10.4.105.1/24;
            }
        }
        unit 1104 {
            family inet {
                address 10.4.110.1/24;
            }
        }
        unit 1504 {
            family inet {
                address 10.4.150.1/23;
            }
        }
        unit 2104 {
            family inet {
                address 10.4.210.1/23;
            }
        }
        unit 2204 {
            family inet {
                address 10.4.220.1/23;
            }
        }
        unit 2224 {
            family inet {
                address 10.4.222.1/23;
            }
        }
        unit 2244 {
            family inet {
                address 10.4.224.1/23;
            }
        }
        unit 2304 {
            family inet {
                address 10.4.230.1/23;
            }
        }
        unit 2324 {
            family inet {
                address 10.4.232.1/23;
            }
        }
        unit 2404 {
            family inet {
                address 10.4.240.1/23;
            }
        }
    }
    lo0 {
        description "PIM RP";
        unit 0 {
            family inet {
                address 10.20.2.1/32;
            }
        }
    }
    vme {
        unit 0 {
            family inet {
                address 10.20.1.2/24;
            }
        }
    }
}
forwarding-options {
    dhcp-relay {
        server-group {
            DHCP_Servers {
                10.1.100.66;
            }
            DHCP_Laptop {
                10.4.105.230;
            }
        }
        group DHCP_Interfaces {
            active-server-group DHCP_Servers;
        }
        group MC_DHCP_Interfaces {
            active-server-group DHCP_Laptop;
            interface irb.158;
            interface irb.1054;
            interface irb.1104;
            interface irb.1504;
            interface irb.2104;
            interface irb.2204;
            interface irb.2224;
            interface irb.2244;
            interface irb.2304;
            interface irb.2324;
            interface irb.2404;
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 10.5.0.1;
    }
}
protocols {
    igmp {
        interface all {
            version 3;
        }
    }
    ospf {
        area 0.0.0.0 {
            interface lo0.0;
            interface ge-0/2/3.0 {
                authentication {
                    simple-password "$9$.PTF0BEyeWp07VsYGUHq.Pz3"; ## SECRET-DATA
                }
            }
            interface irb.1054 {
                authentication {
                    simple-password "$9$dnbY4k.5F6AikORcSW87-dbgo"; ## SECRET-DATA
                }
            }
            interface irb.1104 {
                authentication {
                    simple-password "$9$1GQRcr7-wgaUX7kPTQCA0B1Ryl"; ## SECRET-DATA
                }
            }
            interface irb.1504 {
                authentication {
                    simple-password "$9$F8n8n9tcyK8xdEcYoZG.mTzFnAp"; ## SECRET-DATA
                }
            }
            interface irb.2104 {
                authentication {
                    simple-password "$9$IVEESlNds4JDxNqfQzAtO1IEre"; ## SECRET-DATA
                }
            }
            interface irb.2204 {
                authentication {
                    simple-password "$9$SpjrKWwYoGjqVw5F6/OBEcSrM8"; ## SECRET-DATA
                }
            }
            interface irb.2224 {
                authentication {
                    simple-password "$9$KFXML74aUH.52439tpEhreKMxN"; ## SECRET-DATA
                }
            }
            interface irb.2244 {
                authentication {
                    simple-password "$9$o/JUiz39pORTzyKW8Vb24oJjH"; ## SECRET-DATA
                }
            }
            interface irb.2304 {
                authentication {
                    simple-password "$9$geoZDTz6Au1fTclvM-ds2goUj"; ## SECRET-DATA
                }
            }
            interface irb.2324 {
                authentication {
                    simple-password "$9$o5JUiz39pORTzyKW8Vb24oJjH"; ## SECRET-DATA
                }
            }
            interface irb.2404 {
                authentication {
                    simple-password "$9$43aGjQF/t0I5QSeMWdVYg4aDi"; ## SECRET-DATA
                }
            }
            interface irb.158 {
                authentication {
                    simple-password "$9$HqPTtu1hyKCtLNVbaJDiHq5Q"; ## SECRET-DATA
                }
            }
            interface irb.240 {
                authentication {
                    simple-password "$9$l5GKWX24ZjkPs2z6CAIRSrlKLx"; ## SECRET-DATA
                }
            }
        }
    }
    pim {
        rp {
            static {
                address 10.20.2.1;
            }
        }
        interface all {
            mode sparse;
        }
    }
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
    igmp-snooping {
        vlan default;
        vlan all;
    }
    rstp {
        bridge-priority 4k;
        interface RSTP-EdgePorts {
            edge;
        }
        bpdu-block-on-edge;
    }
}
virtual-chassis {
    member 0 {
        mastership-priority 255;
    }
    member 1 {
        mastership-priority 254;
    }
    member 2 {
        mastership-priority 128;
    }
    member 3 {
        mastership-priority 128;
    }
    member 4 {
        mastership-priority 128;
    }
    member 5 {
        mastership-priority 128;
    }
}
vlans {
    MCImaging {
        vlan-id 1054;
        l3-interface irb.1054;
    }
    MCPrinters {
        vlan-id 1104;
        l3-interface irb.1104;
    }
    MCVoIP {
        vlan-id 1504;
        l3-interface irb.1504;
    }
    MCWired {
        vlan-id 158;
        l3-interface irb.158;
    }
    PSWireless2 {
        vlan-id 2204;
        l3-interface irb.2204;
    }
    PSWireless3 {
        vlan-id 2304;
        l3-interface irb.2304;
    }
    PSWireless4 {
        vlan-id 2404;
        l3-interface irb.2404;
    }
    PSWirelessLC-DH {
        vlan-id 2224;
        l3-interface irb.2224;
    }
    USWireless1 {
        vlan-id 2104;
        l3-interface irb.2104;
    }
    USWireless2 {
        vlan-id 2244;
        l3-interface irb.2244;
    }
    USWireless3 {
        vlan-id 2324;
        l3-interface irb.2324;
    }
    default {
        vlan-id 1;
        l3-interface irb.0;
    }
}
poe {
    guard-band 19;
    interface all;
}

 

Ethernet Switching

Re: EX4300 Not Passing DHCP

‎11-30-2017 08:14 AM

I can't see anything wrong with the dhcp-relay portion of your config.

You might also try some of these options:

 

set forwarding-options dhcp-relay forward-snooped-clients all-interfaces
set forwarding-options dhcp-relay route-suppression destination
set forwarding-options dhcp-relay overrides allow-snooped-clients
set forwarding-options dhcp-relay overrides always-write-giaddr
Ethernet Switching

Re: EX4300 Not Passing DHCP

‎11-30-2017 09:34 AM

Thanks for the suggestion, I have just tested with these and I'm still seeing the same behaviour. Any other ideas?

I see there are release notes for 14.1X53-D46 dated yesterday, with a Problem Report related to DHCP Relay under the resolved issues. Now I'm wondering if my problem is related to that.

Ethernet Switching

Re: EX4300 Not Passing DHCP

‎11-30-2017 11:40 AM

Hello,

Please delete this statement from Your config

    processes {
        dhcp-service {
            traceoptions {
                file dhcp_logfile size 10m;
                level all;
                flag all;
            }
        }
    }

This stanza activates DHCP server as well that might interfere with Your DHCP relay.

HTH

Thx
Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Ethernet Switching

Re: EX4300 Not Passing DHCP

‎11-30-2017 11:59 AM

I thought the same thing as well and removed it. Unfortunatley it did not help.