Jump to content
Калькуляторы

c4503 и dhcp - туплю! То ли лыжи не едут, то ли я...

Братья, туплю по страшной силе...

Хомячок не получает адрес с ДХЦП-сервера. На интерфейсе сервера не вижу ни одного запроса со стороны хомячка (даже при подключении тестового бука), на сетевухе получать всё автоматом. Прописываю вручную - хомячок работает, ДХЦП-сервер он же шлюз в инет для хомячка.

Девайс c4503, СУП-2+

Схема сети, в части которой трабла.

DHCP (192.168.250.254)--vlan250--f3/20(c4503)f3/47--vlan101--хомячок

 

Конфо без парольев и лишних фейсов:

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

!

hostname c4503

!

boot system flash bootflash:cat4000-i9s-mz.122-20.EW4.bin

vtp mode transparent

ip subnet-zero

no ip source-route

no ip igmp snooping

no ip domain-lookup

!

no ip bootp server

ip vrf mgmtVrf

no file verify auto

!

spanning-tree mode pvst

spanning-tree extend system-id

no spanning-tree vlan 1-999

power redundancy-mode redundant

vlan internal allocation policy ascending

!

vlan 2

name FAKE

!

vlan 101

name LOC-FON-101

!

vlan 250

name LOC-FON-250

!

interface FastEthernet3/20

description GW-LOC-FON

switchport access vlan 250

switchport mode access

!

interface FastEthernet3/47

switchport access vlan 101

switchport mode access

!

interface Vlan101

description LOC-FON-101 vlan terminator

ip address 192.168.1.1 255.255.255.240

ip helper-address 192.168.250.254

no ip redirects

no ip unreachables

no ip proxy-arp

ip dhcp relay information trusted

no ip mroute-cache

ip policy route-map RM-LOC-FON

!

interface Vlan250

description LOC-FON-250 vlan terminator

ip address 192.168.250.250 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

!

interface Vlan4000

description UPLINK default route vlan terminator

ip address 10.255.7.1 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

!

no ip forward-protocol nd

no ip forward-protocol udp tftp

no ip forward-protocol udp domain

no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm

no ip forward-protocol udp tacacs

ip forward-protocol udp bootpc

ip forward-protocol udp bootps

!

ip route 0.0.0.0 0.0.0.0 10.255.7.2

ip route 10.0.0.0 255.0.0.0 Null0

ip route 172.16.0.0 255.240.0.0 Null0

ip route 192.168.0.0 255.255.0.0 Null0

!

access-list 10 remark AL-LOC-FON

access-list 10 permit 192.168.1.0 0.0.0.255

!

route-map RM-LOC-FON permit 10

match ip address 10

set ip next-hop 192.168.250.254

!

...

 

c4503#sh ip int vlan101

Vlan101 is up, line protocol is up

Internet address is 192.168.1.1/28

Broadcast address is 255.255.255.255

Address determined by setup command

MTU is 1500 bytes

Helper address is 192.168.212.254

Directed broadcast forwarding is disabled

Outgoing access list is not set

Inbound access list is not set

Proxy ARP is disabled

Local Proxy ARP is disabled

Security level is default

Split horizon is enabled

ICMP redirects are never sent

ICMP unreachables are never sent

ICMP mask replies are never sent

IP fast switching is enabled

IP fast switching on the same interface is disabled

IP Flow switching is disabled

IP CEF switching is enabled

IP CEF Feature Fast switching turbo vector

IP multicast fast switching is disabled

IP multicast distributed fast switching is disabled

IP route-cache flags are Fast, CEF

Router Discovery is disabled

IP output packet accounting is disabled

IP access violation accounting is disabled

TCP/IP header compression is disabled

RTP/IP header compression is disabled

Probe proxy name replies are disabled

Policy routing is enabled, using route map RM-LOC-FON

Network address translation is disabled

WCCP Redirect outbound is disabled

WCCP Redirect inbound is disabled

WCCP Redirect exclude is disabled

BGP Policy Mapping is disabled

 

c4503#sh mac address-table vlan 101

Unicast Entries

vlan mac address type protocols port

-------+---------------+--------+---------------------+--------------------

101 000e.3842.33ff static ip,ipx,assigned,other Switch

101 001d.6026.da9b dynamic ip FastEthernet3/47

101 0024.2130.893b dynamic ip FastEthernet3/47

101 0024.2130.8dd6 dynamic ip FastEthernet3/47

 

 

Где у меня, кроме головы, проблема? Вроде всё просто должно быть, и иос поддерживает нужные функции. 65 на практически аналогичном конфиге фунциклирует.

Edited by UncleDen

Share this post


Link to post
Share on other sites
ip dhcp snooping vlan vlan 101
Результат отрицательный. Маки в вилане есть, сервер виден, но tcpdump фиксирует ДХП запросы только от 250 сети.

Что за фигня...

Share this post


Link to post
Share on other sites

Воз и ныне там.

Снупинг включал-выключал. Один фиг. Нет пакетов на интерфейс ДХЦП.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this