Mar 06, 2015 · The core switch configures each vlan with an ip helper-address setting that points it to our DHCP server, and a dhcp relay-option 82 replace line so that the dhcp server will know what scope to use. These configurations, and the port configurations on the endpoint switches, have not changed in at least 16 months.

Further, on the DHCP & ARP page I see the 3 sites propogated multiple times at each site connected with the old MetroLan. Because the relays aren't working properly, I'm getting a flood of DHCP requests returned with NACK. Further, many printers that have DHCP reservations are reverting to APIPA due to this. Received DHCP NAK Sending discover Sending select for 192.168.177.140 Lease of 192.168.177.140 obtained, lease time 1800 deleting routers adding dns 192.168.177.2 check-version already run per instance Starting dropbear sshd: OK userdata already run per instance The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCPIP network. DHCP is based on the Bootstrap Protocol (BOOTP), adding the capability of automatic allocation of reusable network addresses and additional configuration options. if a manually entered IP address works, then DHCP should work as well. Please double check whether the DHCP server has free addresses in the subnet in question. If the DHCP server is in a different subnet, you may also want to check whether DHCP helper addresses are configured properly on your router. MJH; Reviewed: SPOC 7/3/2012 Solution & Interoperability Test Lab Application Notes ©2012 Avaya Inc. All Rights Reserved. 2 of 58 FT_NACR_nonSIP

The authoritative parameter controls if DHCP server would NACK undefined subnet ip requests. Consider you have defined subnet aa.bb.cc.0 in DHCP configuration and client from bb.cc.dd.0 requests ip address to server, when authoritative is set DHCP

After all, NACK messages exist for a reason. I do not know which DHCP server pfSense uses, but I'm pretty sure that, for example, ISE has the option to send out NACKs to addresses out of range, by setting the server as authoritative. Shouldn't such an option be added to whatever pfSense uses as well? The reason for the ACK is that a NACK is simply not sufficient. Let's say I send you a data stream of X segments (let's say 10 for simplicity). You are on a bad connection, and only receive segments 1, 2, 4, and 5. Your computer sends the NACK for segment 3, but doesn't realize there should be segments 6-10 and does not NACK those. No. Time Source Destination Protocol Length Info; 1: 0.000000: 192.168.1.111: 255.255.255.255: DHCP: 342: DHCP Inform - Transaction ID 0x9959f928: 2: 0.006966: 192 Cisco has a feature in IOS 12 called DHCP Snooping and IP Source Guard that offers similar functionality. Switching software from other infrastructure vendors like Foundry Networks, and Nortel, also have DHCP snooping features. The problem with DHCP enforcement for any kind of access control or network engineering is a well known problem.

The DHCP NACK errors you see in the DHCP logs are probably related to your network equipment configuration and not to your DHCP server directly. In my case, it was a one of the switches that had a DHCP relay misconfigured.

Further, on the DHCP & ARP page I see the 3 sites propogated multiple times at each site connected with the old MetroLan. Because the relays aren't working properly, I'm getting a flood of DHCP requests returned with NACK. Further, many printers that have DHCP reservations are reverting to APIPA due to this. Received DHCP NAK Sending discover Sending select for 192.168.177.140 Lease of 192.168.177.140 obtained, lease time 1800 deleting routers adding dns 192.168.177.2 check-version already run per instance Starting dropbear sshd: OK userdata already run per instance The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCPIP network. DHCP is based on the Bootstrap Protocol (BOOTP), adding the capability of automatic allocation of reusable network addresses and additional configuration options. if a manually entered IP address works, then DHCP should work as well. Please double check whether the DHCP server has free addresses in the subnet in question. If the DHCP server is in a different subnet, you may also want to check whether DHCP helper addresses are configured properly on your router.