This. DHCP snooping has caused a few headaches for me in the past. A reboot or removal of the offending port's entry has usually fixed it.
On Friday, September 30, 2016, Jesse Dupont <[email protected]> wrote: > We've had to reboot E7s before because of DHCP snooping failures on ONTs. > > > _____________________________ > From: [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');> > Sent: Friday, September 30, 2016 10:19 AM > Subject: Re: [AFMUG] Need help with DHCP problem > To: <[email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');>> > > > We didn’t do any Calix changes and we don’t think they can push a change. > > *From:* Paul Stewart > *Sent:* Friday, September 30, 2016 10:07 AM > *To:* [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');> > *Subject:* Re: [AFMUG] Need help with DHCP problem > > Yup … > > Four steps to DHCP that you should see on the capture > > Discovery > Offer > Response > Ack > > (DORA for short) > > Once the Ack is completed then the ONT should have an IP and only come > back looking for a new IP near expiry and/or a power event etc… > > I’d suggest testing against the DHCP server with a PC with short expiry as > noted .. if that works fine then go further upstream and repeat. really > sounds like an ONT issue - did you do any changes with Calix firmware or > anything like that? > > Just some guesses > > Paul > > > On Sep 30, 2016, at 10:01 AM, Adam Moffett <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: > > That was supposed to say "if you can ping the ONT from the DHCP server" > stupid fingers can't keep up with stupid brain. > > ------ Original Message ------ > From: "Adam Moffett" <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> > To: "Animal Farm" <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> > Sent: 9/30/2016 9:59:04 AM > Subject: Re: [AFMUG] Need help with DHCP problem > > > You're doing exactly what I would do. > > The renewal is unicast, so if you can the ONT from the DHCP server then > the unit should be able to renew. My guess would be something in the > middle either dropping the request from the client or dropping the ack from > the server. Maybe a misbehaving switch or misconfigured firewall rule. > Wireshark and/or logs on one end or the other might tell you which step is > not happening, but they won't tell you which device is dropping the ball. > I'm guessing you'll run wireshark, see a missing packet from somebody and > then have to packet capture at points in between to see if the missing > packet is present or not at that point. > > > > ------ Original Message ------ > From: "Chuck McCown" <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> > To: "Animal Farm" <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> > Sent: 9/29/2016 11:12:12 PM > Subject: [AFMUG] Need help with DHCP problem > > > I have not dug into the entrails of DHCP since NAT was added to Canopy, so > long time ago. I have Calix ONTs that are going away when their DHCP > reservations expire. They normally get them from DHCPatriot. People lose > service, they call, we reset the ONT and service comes back. > > Started a couple of days ago, no network changes to speak of. But about > 30% are having the problem. > > There is no way the DHCPatriot could be causing this is there? Once it > hands out an IP and a reservation time, it is out of the loop, right? > > I suggest setting up an ONT with a reservation time of 1 hour then > wireshark the DHCPatriot to see of the ONT ever comes knocking, or if it > does, what is going on between those two. > > Any other troubleshooting ideas out there? Going to bed, hopefully there > will be a bunch of brilliant posts in the morning leading us directly to > the bad actor. > > > > >
