我有一个 Cisco 897 作为 LAN 的 DHCP 服务器。问题是没有客户端收到 DHCP ACK。
- 客户端发送 DHCP 发现
- Cisco 使用 DHCP 提供响应(带有 IP 地址)
- 客户端响应 DHCP 请求(具有相同的 IP 地址)
- 从 Cisco 看不到 DHCP ACK 以确认租用
- 由于没有 ACK,客户端循环请求 DHCP 地址
我一直在使用 USB-> 以太网适配器将 MacBook Pro 连接到 897 上的 8 个 LAN 端口之一。我还尝试将运行 Ubuntu 的联想连接到 8 个 LAN/交换机端口之一。
当连接到我身边的备用第 3 方 CPE 时,这两种设备都可以工作。当其中一个连接到 Cisco 并运行 Wireshark 时,它们现在都显示来自 Cisco 的 DHCP ACK。
然而,Cisco 在以下调试输出中确实报告了 DHCP ACK:
897VAW-E-K9# debug ip dhcp server events
897VAW-E-K9# debug ip dhcp server packet
897VAW-E-K9# debug ip dhcp server linkage
*Feb 6 2036 16:38:19.403 GMT: DHCPD: client's VPN is .
*Feb 6 2036 16:38:19.403 GMT: DHCPD: No option 125
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Option 125 not present in the msg.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Sending notification of DISCOVER:
*Feb 6 2036 16:38:19.403 GMT: DHCPD: htype 1 chaddr 00e0.4c36.114d
*Feb 6 2036 16:38:19.403 GMT: DHCPD: remote id 020a0000c0a83a0100010001
*Feb 6 2036 16:38:19.403 GMT: DHCPD: circuit id 00000000
*Feb 6 2036 16:38:19.403 GMT: DHCPD: DHCPDISCOVER received from client 0100.e04c.3611.4d on interface Vlan1.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Option 125 not present in the msg.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Seeing if there is an internally specified pool class:
*Feb 6 2036 16:38:19.403 GMT: DHCPD: htype 1 chaddr 00e0.4c36.114d
*Feb 6 2036 16:38:19.403 GMT: DHCPD: remote id 020a0000c0a83a0100010001
*Feb 6 2036 16:38:19.403 GMT: DHCPD: circuit id 00000000
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Found p
897VAW-E-K9#revious server binding
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Sending DHCPOFFER to client 0100.e04c.3611.4d (192.168.58.3).DHCPD: Setting only requested parameters
*Feb 6 2036 16:38:19.403 GMT: DHCPD: child pool: 192.168.58.0 / 255.255.255.0 (LAN-IPV4)
*Feb 6 2036 16:38:19.403 GMT: DHCPD: pool LAN-IPV4 has no parent.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: child pool: 192.168.58.0 / 255.255.255.0 (LAN-IPV4)
*Feb 6 2036 16:38:19.403 GMT: DHCPD: pool LAN-IPV4 has no parent.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: child pool: 192.168.58.0 / 255.255.255.0 (LAN-IPV4)
*Feb 6 2036 16:38:19.403 GMT: DHCPD: pool LAN-IPV4 has no parent.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: Option 125 not present in the msg.
*Feb 6 2036 16:38:19.403 GMT: DHCPD: no option 125
*Feb 6 2036 16:38:19.403 GMT: DHCPD: src nbma addr as zero
*Feb 6 2036 16:38:19.403 GMT: DHCPD: ARP entry exists (192.168.58.3, 00e0.4c36.114d).
*Feb 6 2036 16:38:19.403 GMT: DHCPD: unicasting BOOTREPLY to client 00e0.4c36.114d (192.168.58.3).
*Feb 6 2036 16:38:20.407 GMT: DHCPD: client's VPN is .
*Feb 6 2036 16:38:20.407 GMT: DHCPD: No option 125
*Feb 6 2036 16:38:20.407 GMT: DHCPD: DHCPREQUEST received from client 0100.e04c.3611.4d.
*Feb 6 2036 16:38:20.407 GMT: DHCPD: Option 125 not present in the msg.
*Feb 6 2036 16:38:20.407 GMT: DHCPD: Sending notification of ASSIGNMENT:
*Feb 6 2036 16:38:20.407 GMT: DHCPD: address 192.168.58.3 mask 255.255.255.0
*Feb 6 2036 16:38:20.407 GMT: DHCPD: htype 1 chaddr 00e0.4c36.114d
*Feb 6 2036 16:38:20.407 GMT: DHCPD: Appending default domain from pool
*Feb 6 2036 16:38:20.407 GMT: DHCPD: Using hostname 'UKC02X9BEDJG5H.home.' for dynamic update (from hostname option)
*Feb 6 2036 16:38:20.407 GMT: DHCPD: Sending DHCPACK to client 0100.e04c.3611.4d (192.168.58.3).DHCPD: Setting only requested parameters
我已将 Cisco 上的 DHCP 配置剥离回以下内容:
897VAW-E-K9#show run | sec dhcp
ip dhcp excluded-address 192.168.58.1
ip dhcp pool LAN-IPV4
network 192.168.58.0 255.255.255.224
default-router 192.168.58.1
dns-server 1.1.1.1 1.0.0.1
domain-name home.tld
lease 7
897VAW-E-K9#show run int vlan 1
Building configuration...
Current configuration : 251 bytes
!
interface Vlan1
description LAN
ip address 192.168.58.1 255.255.255.224
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
ip verify unicast source reachable-via rx
no ip route-cache
ntp disable
end
897VAW-E-K9#show run int gi0
Building configuration...
Current configuration : 123 bytes
!
interface GigabitEthernet0
switchport mode access
no ip address
no cdp enable
no lldp transmit
no lldp receive
end
我还删除了启动配置,重新启动,并尝试仅应用以下最小配置:
ip dhcp pool LAN-IPV4
network 192.168.58.0 255.255.255.224
default-router 192.168.58.1
interface Vlan1
description LAN
ip address 192.168.58.1 255.255.255.224
interface GigabitEthernet0
switchport mode access
两台笔记本电脑上的结果相同,尽管 Cisco DHCP 日志声称已发送 ACK,但未收到 DHCP ACK(根据 Wireshark)。
在 Wireshark 中可以看到下面的 DHCP 数据包:
如果我手动为任何一台笔记本电脑分配了一个 IP,我可以 ping 路由器和 SSH 到它就好了,它确实只是 DHCP 由于某种原因不起作用。
我尝试了两种不同的 IOS 映像,c800-universalk9-mz.SPA.157-3.M5.bin 和 c800-universalk9-mz.SPA.159-3.M1.bin,它们都表现出完全相同的行为。
启用的许可证是advipservices:
897VAW-E-K9#show license feature
Feature name Enforcement Evaluation Subscription Enabled RightToUse
advipservices no yes no yes yes
advsecurity no no no no no
ios-ips-update yes yes yes no yes
MEM-8XX-512U1GB yes yes no no yes
此路由器的Cisco 页面显示支持 DHCP 服务器。这个路由器看起来和图中的一模一样,它是一个 C897VAW-E-K9。
我很难过为什么这么简单的事情不起作用。
奇怪的是,我刚刚尝试从 DHCP 池中排除所有 IP 地址,现在连接的测试笔记本电脑收到了 DHCP 分配(Wireshark 显示了来自 Cisco 的 DHCP ACK)-WTF 正在这里进行吗?!
897VAW-E-K9(config)#ip dhcp excluded-address 192.168.58.1 192.168.58.254
897VAW-E-K9(config)#do show run | sec dhcp
ip dhcp debug ascii-client-id
ip dhcp excluded-address 192.168.58.1 192.168.58.254
ip dhcp pool LAN-IPV4
network 192.168.58.0 255.255.255.0
default-router 192.168.58.1
dns-server 1.1.1.1 1.0.0.1
domain-name home.tld
lease 7
ip dhcp snooping
ip dhcp-server query lease retries 1
ip dhcp-server query lease timeout 60
897VAW-E-K9#
*Feb 6 2036 07:19:48.822 GMT: %SYS-5-CONFIG_I: Configured from console by test on console
897VAW-E-K9#ping 192.168.58.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.58.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms