Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Repeated release of DHCP address

Happened to notice in the logs for XG the other day a zillion entries showing DHCP Server - RELEASE, all related to one device, a Cisco switch. More specifically, it's for the IP address to access the web UI for the switch. The details for each entry are all the same "Lease IP X released from MAC Y" and all the same Message ID - 60021.

The entries are more or less constant with some variation - sometimes there is a few seconds between each entry, while other times there are as many as ten per second. I checked the settings on the switch, but nothing seems to be unusual there - really the only choice is between setting it to be static or assigned by DHCP. The settings for the DHCP server on XG also don't seem to be the problem - they are the default settings and the minimum lease time is set to 480, max 2880. Conflict detection is on. I've set the switch up in XG so that it's assigned a static IP.

Functionally, nothing seems to be off - I can access the switch just fine, I don't see any functionality issues with the switch, or anything odd in XG, but the thought that XG seems to be constantly releasing the IP address seems a bit disconcerting. 

Perhaps even more oddly, when I set the switch to a static address (on the switch itself, not XG) but don't change the setting on XG, the release entries keep showing up.

Finally, even more oddly, with the switch set to a static address, when I delete the static address assignment in XG, the constant entries stop, but then the switch now suddenly gets IP address assignments across all 5 VLANs, whereas previously it was only assigned one IP address in one VLAN (the one where I had the static entry) - it was not, for some reason, assigned an IP address in any of the other VLANs. I'm perhaps less fussed about this, though the initial intent was to limit access to the web UI for the switch to the management VLAN (which was the one with the static entry).

If anyone might be able to shed light on the above - primarily the constantly repeating release events, I would be most grateful.



This thread was automatically locked due to age.
Parents
  • In case anyone happens to run across the same thing, I think I figured it out. I have multiple VLANs set up on the switch and XG. The switch requires an IP address for the management interface for each VLAN. In each case, the MAC address is the same. By default (if I recall correctly), it's set up to use DHCP to get the IP addresses.

    Apparently in XG, if you set up a static mapping for a given MAC address in one VLAN, that same MAC address cannot be used in another VLAN, which seems a bit odd. From what I can tell, if a static mapping is assigned in one VLAN and is assigned according to that mapping, when DHCP requests come in through the other VLANs for the same MAC address, XG will "release" those other requests because the IP address has already been assigned. I do find it curious why the XG would behave in this manner - I would have though the DHCP for each VLAN would be independent. 

    It would perhaps be helpful to understand whether either of these behaviours is considered a feature or a bug, since if it's the former, not quite sure I understand the logic. If anyone has any insight on that front, they would be most appreciated.

    In any event, while I was hoping to have all static mappings controlled through the XG, I've decided the best way around the problem is to designate the static IP addresses on the switch itself and not rely on XG.

Reply
  • In case anyone happens to run across the same thing, I think I figured it out. I have multiple VLANs set up on the switch and XG. The switch requires an IP address for the management interface for each VLAN. In each case, the MAC address is the same. By default (if I recall correctly), it's set up to use DHCP to get the IP addresses.

    Apparently in XG, if you set up a static mapping for a given MAC address in one VLAN, that same MAC address cannot be used in another VLAN, which seems a bit odd. From what I can tell, if a static mapping is assigned in one VLAN and is assigned according to that mapping, when DHCP requests come in through the other VLANs for the same MAC address, XG will "release" those other requests because the IP address has already been assigned. I do find it curious why the XG would behave in this manner - I would have though the DHCP for each VLAN would be independent. 

    It would perhaps be helpful to understand whether either of these behaviours is considered a feature or a bug, since if it's the former, not quite sure I understand the logic. If anyone has any insight on that front, they would be most appreciated.

    In any event, while I was hoping to have all static mappings controlled through the XG, I've decided the best way around the problem is to designate the static IP addresses on the switch itself and not rely on XG.

Children
No Data