Lab 043 How to Configure and Verify IOS DHCP Relay

CCNA 200-301 Chapter 4 IP Services Lab 043 Configure and Verify Data and Voice Access Port

Watch Full Demo on YouTube:

Lab Objective:

Dynamic Host Configuration Protocol (DHCP) simplifies IP address assignment in large networks, enabling efficient and automated client configuration.
However, when the DHCP server is on a different network from the clients, DHCP Relay is required.
This lab focuses on configuring and verifying IOS DHCP Relay to enable seamless communication between DHCP clients and a remote DHCP server.

This lab aligns with Exam Blueprint Objective 4.6, which emphasizes understanding and implementing IP services, including DHCP Relay functionality.

Lab Topology:

CCNA 200-301 Lab Chapter 4 IP Services Lab 043 Configure and Verify IOS DHCP Relay

Equipment Required:

2 x Cisco Router (e.g., CISCO2811/K9)
3 x Cisco switch (e.g., Cisco Catalyst series)
3 x PCs or laptops with Ethernet ports
Console Cable
Ethernet Cable for connections between devices
Computer with Terminal emulation software e.g. PuTTY

IPv4 Address Table:

A. Router IP Address Table:

Device Name	Interface ID	IP Address	Subnet-Mask
R1	Gig0/0/0	10.1.1.1	255.255.255.0
R1	Gig0/0/1	10.1.2.1	255.255.255.0
R1	Gig0/0/2	10.0.0.1	255.255.255.252
R2	Gig0/0/2	10.0.0.2	255.255.255.252
R2	Gig0/0/1	10.2.2.2	255.255.255.0

B. Hosts IP Address Table:

Device Name	Interface ID	IP Address	Subnet-Mask	Gateway
PC1	Gig0/0/0	DHCP	DHCP	DHCP
PC2	Gig0/0/1	DHCP	DHCP	DHCP
PC3	Gig0/0/2	DHCP	DHCP	DHCP

List of Command Summary:

Command	Command Description
enable	enters privileged EXEC mode.
configure terminal	enters global configuration mode from privileged EXEC mode.
hostname [hostname]	assign a device name to router.
show interfaces status	provides a summary of the current status of all interfaces on a Cisco switch. This command displays important information about each interface, including: Port: The interface identifier (e.g., Gi1/0/1). Name: The name or description assigned to the interface, if any. Status: The operational status of the interface (e.g., connected, notconnect, err-disabled). Vlan: The VLAN that the interface is assigned to. Duplex: The duplex mode of the interface (e.g., full, half, auto). Speed: The speed of the interface (e.g., 10, 100, 1000 Mbps, auto). Type: The type of interface (e.g., 10/100/1000BaseTX, SFP). This command is useful for quickly assessing the operational state and configuration details of all interfaces on the switch.
show ip dhcp binding	provides a list of all the IP addresses that the DHCP server has assigned to clients, along with information on each lease. This output includes the client’s IP address, associated MAC address, lease expiration details, and type of assignment (automatic, manual, or dynamic). This command is useful for verifying DHCP allocations and troubleshooting client connectivity issues, as it helps confirm that IP addresses are being properly assigned and renewed by the DHCP server
show ip dhcp conflict	displays any IP address conflicts detected by the DHCP server. A conflict arises when the DHCP server assigns an IP address that another device is already using. DHCP detects conflicts in two primary ways: Ping Detection: The DHCP server pings an IP address before assigning it. If it receives a reply, indicating that the IP address is already in use, it marks it as a conflict. Gratuitous ARP: When a client receives an IP address, it sends a gratuitous ARP request. If another device responds, this indicates a conflict. The output of show ip dhcp conflict shows the conflicted IP addresses along with their detection methods (Ping or ARP) and timestamps. This information helps administrators troubleshoot DHCP issues by identifying and resolving conflicting addresses, usually by either reassigning IPs or adjusting DHCP settings.
show ip dhcp pool	provides detailed information about each DHCP pool configured on a router, displaying statistics and status for each pool. This command is particularly useful for network administrators who need to monitor DHCP pool usage and verify that clients are receiving IP addresses as expected
ipconfig /release	used in Windows to release the current IP address assigned to a network interface by a DHCP server. When executed, this command will drop the IP address, subnet mask, gateway, and any DNS server information associated with the interface, setting the IP address to 0.0.0.0. This can be helpful in troubleshooting IP configuration issues or forcing a device to request a new IP address from the DHCP server.
ipconfig /renew	used to request a new IP address from the DHCP server for a network interface on a Windows-based device
ip dhcp excluded-address [Low IP address] [High IP address]	used to define a range of IP addresses that should be excluded from the DHCP pool. This command is typically part of setting up a DHCP server on a Cisco router, where the administrator wants to reserve specific IP addresses within a subnet for static assignments or other purposes, ensuring that these addresses won’t be automatically assigned to clients by the DHCP server
ip dhcp pool [Pool name]	used on Cisco routers to create a DHCP pool, which defines a set of IP addresses that the DHCP server on the router can lease to network clients. This command initiates the configuration mode for a new DHCP address pool, allowing you to specify parameters such as the subnet range, default gateway, DNS servers, and domain name for clients that receive IPs from this pool
network [Network number in dotted-decimal notation] [Network mask]	used in Cisco’s DHCP configuration mode to define the network segment or subnet for which the DHCP server will provide IP addresses
default-router [Router’s IP address]	used in Cisco’s DHCP configuration mode to specify the default gateway IP address for DHCP clients on a specific network. This command is essential because it provides clients with the IP address of the router they should use to access other networks, including the internet
dns-server [Set ip address of DNS server]	command in Cisco’s DHCP configuration specifies the IP address of a DNS server that DHCP clients should use for DNS resolution. When a client receives a DHCP lease, this information allows the client to resolve domain names to IP addresses, enabling access to websites, email servers, and other resources by name instead of needing the IP address
domain-name [A domain name]	used to specify the domain name that should be given to the clients when they are assigned an IP address via DHCP. This allows clients on the network to append the domain name to any unqualified hostnames they attempt to resolve, which is useful for internal name resolution
ip helper-address [dhcp server ip]	sed on a router to enable DHCP Relay. It instructs the router to forward DHCP broadcast packets received on the interface to a specific DHCP server. This allows clients in different subnets to obtain IP addresses from a central DHCP server. The router acts as an intermediary, converting broadcast requests into unicast messages directed at the specified server. This command is critical in scenarios where DHCP clients and servers reside on separate networks.
ping [ip-address] -n 100	used to send a series of Internet Control Message Protocol (ICMP) Echo Request packets to a specified IP address, with the option to specify the number of packets to send.
description “DESCRIPTION OF SOME SORT”	used to assign a descriptive text label to a network interface on a device such as a router or switch. This description helps administrators to identify the purpose or details of the interface more easily when managing and troubleshooting the network.
show ip interface brief \| include lan	used on Cisco devices to display a summarized list of all IP interfaces configured on the device and filter the output to only show interfaces that contain the keyword “lan” in their configuration. This command is helpful for quickly identifying and troubleshooting interfaces related to LAN (Local Area Network) configurations within the device’s network environment
ipconfig /all	used in Windows operating systems to display detailed information about all network interfaces and their configurations.
no shutdown	enables an interface.
show running-config	save the running configuration to the startup-configuration file.
show running-config \| section interface GigabitEthernet0/*	used to display the configuration details of a specific GigabitEthernet interface (interface GigabitEthernet0/) within the running configuration of a Cisco device. This command allows you to view the configuration settings related to the specified interface only, filtering out other configuration sections. It provides a focused view of the configuration parameters associated with the specified interface, including its IP address, VLAN membership, trunking settings, and any other relevant configuration details. The asterisk (*) is a wildcard character that matches any character or sequence of characters. In this context, it is used to match any subinterface under GigabitEthernet0.
show running-config \| section interface FastEthernet0/1$	The “show running-config \| section interface FastEthernet0/1$” command is similar to the previous one, but it focuses specifically on the FastEthernet0/1 interface. The “$” symbol at the end of the interface name indicates that the command will match only the interface that ends with “FastEthernet0/1”. This command is helpful when you want to view the configuration details of a specific FastEthernet interface without displaying configurations for other interfaces.
copy running-config startup-config	used to save the currently running configuration (stored in the RAM) to the startup configuration (stored in the NVRAM)
end	exit configuration mode.
exit	exits one level in the menu structure command.

Lab Task:

Basic Configuration – Configure IP Addresses on R1 and R2:
- On R1, configure interface Gig0/0/0, Gig0/0/1 and Gig0/0/2 with the appropriate IPv4 addresses. Include an interface description and enable the interfaces.
- On R2, configure interface Gig0/0/2 and Gig0/0/1 with the appropriate IPv4 addresses. Include an interface description and enable the interfaces.
- Perform in-flight checks.
On R1, configure a default route with the next-hop address set to the R2 IP address 10.0.0.2
On R2, configure a default route with the next-hop address set to the R2 IP address 10.0.0.1
Enable DHCP service on R1.
Define IP Exclusion Ranges: Excluded certain IPs for critical infrastructure devices or for static IP assignments that should remain consistent:
- Reserve the first 100 IP addresses in each DHCP pool network to prevent them from being assigned to clients dynamically. Configure address exclusions within the 10.1.1.0/24, 10.1.2.0/24 and 10.2.2.0/24 subnets, so that only addresses from .101 onward in each subnet are available for DHCP assignment.
- Perform in-flight checks.
Create DHCP Pool for the First Network:
- Configure DHCP Pool for 10.1.1.0/24, please use IEE_Network_1
- Set the default gateway for this subnet to 10.1.1.1
- Specify the DNS server as 8.8.8.8
- Assign the domain name iee.com to the clients in this subnet
Create DHCP Pool for the Second Network:
- Configure DHCP Pool for 10.1.2.0/24, please use IEE_Network_1
- Set the default gateway for this subnet to 10.1.2.1
- Specify the DNS server as 8.8.8.8
- Assign the domain name iee.com to the clients in this subnet
Create DHCP Pool for the Third Network:
- Configure DHCP Pool for 10.2.2.0/24, please use IEE_Network_3
- Set the default gateway for this subnet to 10.2.2.1
- Specify the DNS server as 8.8.8.8
- Assign the domain name iee.com to the clients in this subnet
- Perform in-flight checks
Which interface should configure the DHCP Relay on Router2? Configure DHCP Relay on R2.
Release and Renew IP Address on PCs:
- On each PC (PC1, PC2, and PC3), navigate to the Desktop tab and open the Command Prompt (CLI).
- Release the currently assigned IP address using the appropriate command, and then request a new IP address from the DHCP server.
- Hint: Use commands to release and renew IP addresses, verifying that each PC is assigned an IP within the correct range for its network.
Perform Connectivity Tests Between PCs:
- Test network connectivity by pinging PC2, PC3, and PC4 to ensure that each device is reachable and that the DHCP configurations are functioning as expected.
- Save your configuration.

Lab Solution:

1. Basic Configuration – Configure IP Addresses on R1 and R2:

a. On R1, configure interface Gig0/0/0, Gig0/0/1 and Gig0/0/2 with the appropriate IPv4 addresses. Include an interface description and enable the interfaces:

R1#configure terminal
R1(config)#interface gigabitEthernet 0/0/0
R1(config-if)#description “Link to SW1”
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface gigabitEthernet 0/0/1
R1(config-if)#description “Link to SW2”
R1(config-if)#ip address 10.1.2.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface gigabitEthernet 0/0/2
R1(config-if)#description “link to R2”
R1(config-if)#ip address 10.0.0.1 255.255.255.252
R1(config-if)#no shutdown
R1(config-if)#end
R1#

b. On R2, configure interface Gig0/0/2 and Gig0/0/1 with the appropriate IPv4 addresses. Include an interface description and enable the interfaces:

R2#configure terminal
R2(config)#interface gigabitEthernet 0/0/2
R2(config-if)#description “Link to R1”
R2(config-if)#ip address 10.0.0.2 255.255.255.252
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface gigabitEthernet 0/0/1
R2(config-if)#description “Link to SW3”
R2(config-if)#ip address 10.2.2.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#end
R2#

c. Perform in-flight checks:

2. On R1, configure a default route with the next-hop address set to the R2 IP address 10.0.0.2:

R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2

3. On R2, configure a default route with the next-hop address set to the R2 IP address 10.0.0.1:

R2(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.1

Enable DHCP service on R1:

R1(config)#service dhcp

5. Define IP Exclusion Ranges: Excluded certain IPs for critical infrastructure devices or for static IP assignments that should remain consistent:

a. Reserve the first 100 IP addresses in each DHCP pool network to prevent them from being assigned to clients dynamically. Configure address exclusions within the 10.1.1.0/24, 10.1.2.0/24 and 10.2.2.0/24 subnets, so that only addresses from .101 onward in each subnet are available for DHCP assignment:

R1(config)#ip dhcp excluded-address 10.1.1.1 10.1.1.100
R1(config)#ip dhcp excluded-address 10.1.2.1 10.1.2.100
R1(config)#ip dhcp excluded-address 10.2.2.1 10.2.2.100
R1(config)#end
R1#

b. Perform in-flight checks:

6. Create DHCP Pool for the First Network:

a. Configure DHCP Pool for 10.1.1.0/24, please use IEE_Network_1
b. Set the default gateway for this subnet to 10.1.1.1
c. Specify the DNS server as 8.8.8.8
d. Assign the domain name iee.com to the clients in this subnet

R1(config)#ip dhcp pool IEE_Network_1
R1(dhcp-config)#network 10.1.1.0 255.255.255.0
R1(dhcp-config)#default-router 10.1.1.1
R1(dhcp-config)#dns-server 8.8.8.8
R1(dhcp-config)#domain-name iee.com
R1(dhcp-config)#exit

7. Create DHCP Pool for the Second Network:
a. Configure DHCP Pool for 10.1.2.0/24, please use IEE_Network_1
b. Set the default gateway for this subnet to 10.1.2.1
c. Specify the DNS server as 8.8.8.8
d. Assign the domain name iee.com to the clients in this subnet

R1(config)#ip dhcp pool IEE_Network_2
R1(dhcp-config)#network 10.1.2.0 255.255.255.0
R1(dhcp-config)#default-router 10.1.2.1
R1(dhcp-config)#dns-server 8.8.8.8
R1(dhcp-config)#domain-name iee.com
R1(dhcp-config)#exit

8. Create DHCP Pool for the third Network:
a. Configure DHCP Pool for 10.2.2.0/24, please use IEE_Network_3
b. Set the default gateway for this subnet to 10.2.2.2
c. Specify the DNS server as 8.8.8.8
d. Assign the domain name iee.com to the clients in this subnet
e. Perform in-flight checks

R1(config)#ip dhcp pool IEE_Network_3
R1(dhcp-config)#network 10.2.2.0 255.255.255.0
R1(dhcp-config)#default-router 10.2.2.2
R1(dhcp-config)#dns-server 8.8.8.8
R1(dhcp-config)#domain-name iee.com
R1(dhcp-config)#end

9. Which interface should configure the DHCP Relay on Router2? Configure DHCP Relay on R2.

R2(config-if)#interface gigabitEthernet 0/0/1
R2(config-if)#ip helper-address 10.1.1.1
R2(config-if)#

10. Release and Renew IP Address on PCs:

a. On each PC (PC1, PC2, and PC3), navigate to the Desktop tab and open the Command Prompt (CLI).

b. Release the currently assigned IP address using the appropriate command, and then request a new IP address from the DHCP server.

c. Hint: Use commands to release and renew IP addresses, verifying that each PC is assigned an IP within the correct range for its network:

11. Perform Connectivity Tests Between PCs:

a. Test network connectivity by pinging PC2, PC3, and PC4 to ensure that each device is reachable and that the DHCP configurations are functioning as expected:

b. Save your configuration.

Troubleshooting:

When troubleshooting issues related to DHCP or connectivity in a network setup like the one in the lab, it’s essential to follow a systematic approach to identify and resolve potential problems. Below is a comprehensive list of steps you can take to troubleshoot any issues that might arise:

Check DHCP Configuration:
- Verify DHCP Pool Configuration: Ensure that the DHCP pools are properly configured with the correct IP address range, subnet mask, default router (gateway), and DNS server. For instance:
  - show running-config or show ip dhcp pool
  - Verify the correct network, default-router, dns-server, and domain-name settings.
- Check for Excluded Addresses: Make sure that the IP address range excludes any IP addresses that should not be assigned to clients (e.g., static IPs, network addresses). You can check excluded addresses with:
  - show ip dhcp excluded-address
Check DHCP Server Status:
- Ensure that the DHCP service is running on the router:
  - show ip dhcp binding (Displays current DHCP bindings, including leased addresses)
  - show ip dhcp conflict (Check for any IP address conflicts)
- If there are no IP addresses listed in the show ip dhcp binding command, it might indicate that DHCP is not assigning IPs properly.
Check DHCP Client Configuration:
- Verify Client Configuration: Ensure the PCs are set to receive IP addresses automatically (DHCP mode) in their network settings:
- Release and Renew IP Address: On the PCs, release and renew the IP address to refresh their DHCP leases:
  - ipconfig /release followed by ipconfig /renew
- Check for Static IP Configuration: If the PC has a static IP configured, it will not request an IP address from the DHCP server. Make sure it’s set to “Obtain an IP address automatically.”
Check for IP Address Conflicts:
- Use show ip dhcp conflict on the router to check for any IP address conflicts in the DHCP pool. If there are conflicts, resolve them by excluding the conflicting addresses or assigning them manually.
- Ensure that there are no IP address overlaps between DHCP pools and statically assigned IP addresses.
Verify Network Connectivity:
- Ping Test: From each PC, ping other devices within the same network and across networks to verify connectivity:
  - ping “IP address of another device”
- Check Default Gateway: Ensure that the default gateway on each device points to the correct router IP address.
- If pinging other devices fails, ensure that the router interfaces and PCs are properly configured with correct IP addresses, subnet masks, and gateways.
Check Router Interfaces:
- Verify Interface Status: Ensure that the router’s interfaces connected to the network are up and operational. Use:
  - show ip interface brief
- Check for Interface Shutdown: Make sure interfaces are not administratively down:
  - show running-config and check for shutdown command on any interfaces.
Verify Subnetting:
- Ensure that the subnet mask on both the DHCP server (router) and the clients match and are consistent across the network. A mismatch in subnetting can lead to connectivity issues, as clients may not be able to reach the gateway or other network devices.
Check for Misconfigured NAT or Firewall:
- Check NAT Configuration: If the router is performing Network Address Translation (NAT), verify that NAT rules aren’t misconfigured and blocking traffic. Use:
  - show ip nat translations to check NAT mappings.
- Verify ACLs: Check any Access Control Lists (ACLs) that might be applied to interfaces, ensuring they aren’t inadvertently blocking DHCP traffic or ping requests.
Check for Layer 2 Connectivity (Switching):
- VLAN Configuration: Ensure that PCs and the router are in the same VLAN or have the correct VLAN settings to communicate.
- Check Trunking/Access Ports: If using trunk links between switches, ensure the trunking is properly configured and that the VLANs are allowed across the trunk link.
- Verify MAC Address Table: Use the show mac address-table command on the switch to verify that MAC addresses are learned properly.
Check Timeouts and Delays:
- If the DHCP request is not being processed quickly, check the router and switch for any delays, high CPU usage, or interface congestion that could be affecting DHCP communication.
Verify DNS Configuration:
- Ensure that the DNS server configured in the DHCP pool is reachable from the client and the router. If DNS queries are failing, it can indicate network connectivity issues or DNS misconfiguration.
Troubleshoot DHCP Relay:
- If you have a DHCP relay setup (using ip helper-address), ensure the relay router is correctly forwarding DHCP requests between clients and the DHCP server.
- Use the show ip helper-address command to verify that the correct relay addresses are configured on the interfaces.
Analyze DHCP Request and Response Packets:
- Use packet capture tools or router commands to verify if DHCP packets are being forwarded to the server and responses are returning:
  - debug ip dhcp server events
  - debug ip dhcp relay
- Check for errors in the relay process or missing packets.
Check Access Control Lists (ACLs):
- Confirm no ACLs are blocking DHCP traffic (UDP ports 67 and 68):
  - show access-lists
- Modify or adjust ACLs to permit DHCP traffic if necessary.
Test DHCP on the Same Subnet:
- Temporarily place a DHCP client and server on the same subnet to ensure basic DHCP functionality is working.

These troubleshooting steps should help resolve common DHCP issues that may arise in the lab setup. By systematically checking each aspect—DHCP server configuration, client settings, network connectivity, and interface status—you can identify and fix most problems that prevent devices from obtaining IP addresses or communicating on the network.

If issues persist, reviewing the router logs (using show logging or debug ip dhcp server), or packet captures (using Wireshark or a similar tool) may reveal further details about the problem.

Conclusion:

This lab demonstrated the critical role of DHCP Relay in environments where clients and DHCP servers reside on different subnets. Proper configuration and verification steps ensure seamless IP address assignment, enabling efficient network operation. Mastering DHCP Relay prepares you for real-world scenarios and the CCNA 200-301 exam.

Packet Tracer Lab (Pre/Post configuration):

Download the file below and open the word document to access the Packet Tracer labs.

CCNA 200-301 Lab Chapter 4 IP Services Lab 043 Configure and Verify IOS DHCP Relay – Pre and Post Labs Download