Mailing List Archive

Cisco ASR 901 as a DHCP server
Wondering if anyone has configured a 901 as a DHCP server. It's being used
in a multi-tenant location, other customers are static public /30 and work
fine, but we have a customer who wants us to do DHCP for them. So instead
of adding another box, I was trying to get the 901 to be the DHCP server.
For some reason, it's not working. I have configured other routers no
problem as a DHCP server, this one the client gets an IP, can ping the
gateway, can ping the uplink IP, can ping the core, but can't leave our
network. Kinda feels like a MTU issue, but all set to 9000. Here's my
config:
Anyone ever try it, and have any suggestions?

ASR901 - A901-12C-F-D
AdvancedMetroIPAccess
Version 15.6(2)SP3

!
ip dhcp excluded-address 192.168.3.1 192.168.3.50
ip dhcp excluded-address 192.168.4.0 192.168.4.50
!
ip dhcp pool DATA
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server xx.xx.xx.xx
!
ip dhcp pool VOICE
network 192.168.4.0 255.255.255.0
dns-server xx.xx.xx.xx
default-router 192.168.4.1
!
interface GigabitEthernet0/0
description UPLINK TO CORE
mtu 9000
no ip address
ip nat outside
load-interval 30
negotiation auto
service instance 50 ethernet
description PTP to CORE OSPF Area 0
encapsulation untagged
bridge-domain 50
!
interface Vlan50
description OSPF TO CORE
mtu 9000
ip address xx.xx.206.30 255.255.255.252
no ip redirects
no ip proxy-arp
ip nat outside
ip pim sparse-mode
ip ospf network point-to-point
ip ospf mtu-ignore
load-interval 30
carrier-delay msec 0
mpls ip
mpls traffic-eng tunnels
!
interface GigabitEthernet0/1
description Uplink to Customer XXXXXX - DHCP Inside
mtu 9000
no ip address
ip nat inside
load-interval 30
negotiation auto
service instance 100 ethernet
description XXXXXXX Data Network
encapsulation untagged
bridge-domain 100
!
!
interface Vlan100
description XXXXXX Data Network
mtu 9000
ip address 192.168.3.1 255.255.255.0
no ip redirects
no ip proxy-arp
ip nat inside
!
ip nat inside source list 150 interface Vlan50 overload
!
access-list 150 remark Network Address Translation
access-list 150 permit ip 192.168.3.0 0.0.0.255 any
access-list 150 permit ip 192.168.4.0 0.0.0.255 any
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: Cisco ASR 901 as a DHCP server [ In reply to ]
I think the NAT might be the problem. Also you need to add the 192.168.4.1 gateway.

--
Jerry Bacon
StarTouch - Senior Network Engineer
Sent from my iPhone

> On May 21, 2021, at 11:30 AM, Scott Miller <fordlove@gmail.com> wrote:
>
> Wondering if anyone has configured a 901 as a DHCP server. It's being used
> in a multi-tenant location, other customers are static public /30 and work
> fine, but we have a customer who wants us to do DHCP for them. So instead
> of adding another box, I was trying to get the 901 to be the DHCP server.
> For some reason, it's not working. I have configured other routers no
> problem as a DHCP server, this one the client gets an IP, can ping the
> gateway, can ping the uplink IP, can ping the core, but can't leave our
> network. Kinda feels like a MTU issue, but all set to 9000. Here's my
> config:
> Anyone ever try it, and have any suggestions?
>
> ASR901 - A901-12C-F-D
> AdvancedMetroIPAccess
> Version 15.6(2)SP3
>
> !
> ip dhcp excluded-address 192.168.3.1 192.168.3.50
> ip dhcp excluded-address 192.168.4.0 192.168.4.50
> !
> ip dhcp pool DATA
> network 192.168.3.0 255.255.255.0
> default-router 192.168.3.1
> dns-server xx.xx.xx.xx
> !
> ip dhcp pool VOICE
> network 192.168.4.0 255.255.255.0
> dns-server xx.xx.xx.xx
> default-router 192.168.4.1
> !
> interface GigabitEthernet0/0
> description UPLINK TO CORE
> mtu 9000
> no ip address
> ip nat outside
> load-interval 30
> negotiation auto
> service instance 50 ethernet
> description PTP to CORE OSPF Area 0
> encapsulation untagged
> bridge-domain 50
> !
> interface Vlan50
> description OSPF TO CORE
> mtu 9000
> ip address xx.xx.206.30 255.255.255.252
> no ip redirects
> no ip proxy-arp
> ip nat outside
> ip pim sparse-mode
> ip ospf network point-to-point
> ip ospf mtu-ignore
> load-interval 30
> carrier-delay msec 0
> mpls ip
> mpls traffic-eng tunnels
> !
> interface GigabitEthernet0/1
> description Uplink to Customer XXXXXX - DHCP Inside
> mtu 9000
> no ip address
> ip nat inside
> load-interval 30
> negotiation auto
> service instance 100 ethernet
> description XXXXXXX Data Network
> encapsulation untagged
> bridge-domain 100
> !
> !
> interface Vlan100
> description XXXXXX Data Network
> mtu 9000
> ip address 192.168.3.1 255.255.255.0
> no ip redirects
> no ip proxy-arp
> ip nat inside
> !
> ip nat inside source list 150 interface Vlan50 overload
> !
> access-list 150 remark Network Address Translation
> access-list 150 permit ip 192.168.3.0 0.0.0.255 any
> access-list 150 permit ip 192.168.4.0 0.0.0.255 any
> _______________________________________________
> cisco-nsp mailing list cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: Cisco ASR 901 as a DHCP server [ In reply to ]
What do you mean by NAT might be the problem? I also have that
other subnet configured properly, just not included in the config I
provided. If I can't get 1 working, no sense in troubleshooting both. If
you might be able to elaborate a bit on your NAT suggestion, it would be
appreciated.

On Fri, May 21, 2021 at 3:15 PM Jerry Bacon <jerryb@startouch.com> wrote:

> I think the NAT might be the problem. Also you need to add the 192.168.4.1
> gateway.
>
> --
> Jerry Bacon
> StarTouch - Senior Network Engineer
> Sent from my iPhone
>
> > On May 21, 2021, at 11:30 AM, Scott Miller <fordlove@gmail.com> wrote:
> >
> > Wondering if anyone has configured a 901 as a DHCP server. It's being
> used
> > in a multi-tenant location, other customers are static public /30 and
> work
> > fine, but we have a customer who wants us to do DHCP for them. So instead
> > of adding another box, I was trying to get the 901 to be the DHCP server.
> > For some reason, it's not working. I have configured other routers no
> > problem as a DHCP server, this one the client gets an IP, can ping the
> > gateway, can ping the uplink IP, can ping the core, but can't leave our
> > network. Kinda feels like a MTU issue, but all set to 9000. Here's my
> > config:
> > Anyone ever try it, and have any suggestions?
> >
> > ASR901 - A901-12C-F-D
> > AdvancedMetroIPAccess
> > Version 15.6(2)SP3
> >
> > !
> > ip dhcp excluded-address 192.168.3.1 192.168.3.50
> > ip dhcp excluded-address 192.168.4.0 192.168.4.50
> > !
> > ip dhcp pool DATA
> > network 192.168.3.0 255.255.255.0
> > default-router 192.168.3.1
> > dns-server xx.xx.xx.xx
> > !
> > ip dhcp pool VOICE
> > network 192.168.4.0 255.255.255.0
> > dns-server xx.xx.xx.xx
> > default-router 192.168.4.1
> > !
> > interface GigabitEthernet0/0
> > description UPLINK TO CORE
> > mtu 9000
> > no ip address
> > ip nat outside
> > load-interval 30
> > negotiation auto
> > service instance 50 ethernet
> > description PTP to CORE OSPF Area 0
> > encapsulation untagged
> > bridge-domain 50
> > !
> > interface Vlan50
> > description OSPF TO CORE
> > mtu 9000
> > ip address xx.xx.206.30 255.255.255.252
> > no ip redirects
> > no ip proxy-arp
> > ip nat outside
> > ip pim sparse-mode
> > ip ospf network point-to-point
> > ip ospf mtu-ignore
> > load-interval 30
> > carrier-delay msec 0
> > mpls ip
> > mpls traffic-eng tunnels
> > !
> > interface GigabitEthernet0/1
> > description Uplink to Customer XXXXXX - DHCP Inside
> > mtu 9000
> > no ip address
> > ip nat inside
> > load-interval 30
> > negotiation auto
> > service instance 100 ethernet
> > description XXXXXXX Data Network
> > encapsulation untagged
> > bridge-domain 100
> > !
> > !
> > interface Vlan100
> > description XXXXXX Data Network
> > mtu 9000
> > ip address 192.168.3.1 255.255.255.0
> > no ip redirects
> > no ip proxy-arp
> > ip nat inside
> > !
> > ip nat inside source list 150 interface Vlan50 overload
> > !
> > access-list 150 remark Network Address Translation
> > access-list 150 permit ip 192.168.3.0 0.0.0.255 any
> > access-list 150 permit ip 192.168.4.0 0.0.0.255 any
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: Cisco ASR 901 as a DHCP server [ In reply to ]
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: Cisco ASR 901 as a DHCP server [ In reply to ]
The symptoms you described seem to indicate that, but without more information it’s hard to tell.

--
Jerry Bacon
StarTouch - Senior Network Engineer
Sent from my iPhone

> On May 22, 2021, at 11:12 AM, Scott Miller <fordlove@gmail.com> wrote:
>
> What do you mean by NAT might be the problem? I also have that other subnet configured properly, just not included in the config I provided. If I can't get 1 working, no sense in troubleshooting both. If you might be able to elaborate a bit on your NAT suggestion, it would be appreciated.
>
>> On Fri, May 21, 2021 at 3:15 PM Jerry Bacon <jerryb@startouch.com> wrote:
>> I think the NAT might be the problem. Also you need to add the 192.168.4.1 gateway.
>>
>> --
>> Jerry Bacon
>> StarTouch - Senior Network Engineer
>> Sent from my iPhone
>>
>> > On May 21, 2021, at 11:30 AM, Scott Miller <fordlove@gmail.com> wrote:
>> >
>> > Wondering if anyone has configured a 901 as a DHCP server. It's being used
>> > in a multi-tenant location, other customers are static public /30 and work
>> > fine, but we have a customer who wants us to do DHCP for them. So instead
>> > of adding another box, I was trying to get the 901 to be the DHCP server.
>> > For some reason, it's not working. I have configured other routers no
>> > problem as a DHCP server, this one the client gets an IP, can ping the
>> > gateway, can ping the uplink IP, can ping the core, but can't leave our
>> > network. Kinda feels like a MTU issue, but all set to 9000. Here's my
>> > config:
>> > Anyone ever try it, and have any suggestions?
>> >
>> > ASR901 - A901-12C-F-D
>> > AdvancedMetroIPAccess
>> > Version 15.6(2)SP3
>> >
>> > !
>> > ip dhcp excluded-address 192.168.3.1 192.168.3.50
>> > ip dhcp excluded-address 192.168.4.0 192.168.4.50
>> > !
>> > ip dhcp pool DATA
>> > network 192.168.3.0 255.255.255.0
>> > default-router 192.168.3.1
>> > dns-server xx.xx.xx.xx
>> > !
>> > ip dhcp pool VOICE
>> > network 192.168.4.0 255.255.255.0
>> > dns-server xx.xx.xx.xx
>> > default-router 192.168.4.1
>> > !
>> > interface GigabitEthernet0/0
>> > description UPLINK TO CORE
>> > mtu 9000
>> > no ip address
>> > ip nat outside
>> > load-interval 30
>> > negotiation auto
>> > service instance 50 ethernet
>> > description PTP to CORE OSPF Area 0
>> > encapsulation untagged
>> > bridge-domain 50
>> > !
>> > interface Vlan50
>> > description OSPF TO CORE
>> > mtu 9000
>> > ip address xx.xx.206.30 255.255.255.252
>> > no ip redirects
>> > no ip proxy-arp
>> > ip nat outside
>> > ip pim sparse-mode
>> > ip ospf network point-to-point
>> > ip ospf mtu-ignore
>> > load-interval 30
>> > carrier-delay msec 0
>> > mpls ip
>> > mpls traffic-eng tunnels
>> > !
>> > interface GigabitEthernet0/1
>> > description Uplink to Customer XXXXXX - DHCP Inside
>> > mtu 9000
>> > no ip address
>> > ip nat inside
>> > load-interval 30
>> > negotiation auto
>> > service instance 100 ethernet
>> > description XXXXXXX Data Network
>> > encapsulation untagged
>> > bridge-domain 100
>> > !
>> > !
>> > interface Vlan100
>> > description XXXXXX Data Network
>> > mtu 9000
>> > ip address 192.168.3.1 255.255.255.0
>> > no ip redirects
>> > no ip proxy-arp
>> > ip nat inside
>> > !
>> > ip nat inside source list 150 interface Vlan50 overload
>> > !
>> > access-list 150 remark Network Address Translation
>> > access-list 150 permit ip 192.168.3.0 0.0.0.255 any
>> > access-list 150 permit ip 192.168.4.0 0.0.0.255 any
>> > _______________________________________________
>> > cisco-nsp mailing list cisco-nsp@puck.nether.net
>> > https://puck.nether.net/mailman/listinfo/cisco-nsp
>> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/