Courseiva
DHCPCCNA 200-301

DHCP Lease Not Renewing — Clients Losing Connectivity

Presenting Symptom

Clients on a specific VLAN lose IP connectivity after the DHCP lease expires; they fail to renew and obtain a new IP address.

Network Context

A small branch office with a single Cisco Catalyst 2960 switch (IOS 15.2) acting as the DHCP server for VLAN 10 (192.168.10.0/24). The switch is connected to a router for WAN access. Approximately 50 clients are in VLAN 10. The DHCP pool is configured on the switch, and clients initially receive IP addresses but cannot renew after the lease time (default 1 day).

Diagnostic Steps

1

Check DHCP binding table on the switch

show ip dhcp binding
IP address       Client-Identifier/Lease expiration        Type
192.168.10.10    0063.6973.636f.2d30.3030.312e.6130.3030.2e30.3030.31    Mar 01 2025 12:00 PM    Automatic
192.168.10.11    0063.6973.636f.2d30.3030.312e.6130.3030.2e30.3030.32    Mar 01 2025 12:00 PM    Automatic

If the binding table shows entries with expired leases (past current time) or no entries for clients that should have addresses, the DHCP server may not be processing renewals. Normal: active leases with future expiration.

2

Verify DHCP pool configuration and utilization

show ip dhcp pool VLAN10
Pool VLAN10 :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)        : 192.168.10.0 / 24
 Total addresses                 : 254
 Leased addresses                : 50
 Pending event                   : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 192.168.10.1         192.168.10.1 - 192.168.10.254       50

Check if the pool is exhausted (Leased addresses = Total addresses). If full, no new leases can be assigned. Also check 'Current index' to see if the server is cycling through addresses. Normal: available addresses remain.

3

Check DHCP server statistics for conflicts or declines

show ip dhcp conflict
IP address       Detection method     Detection time
192.168.10.50    Ping                 Mar 01 2025 10:00 AM

If conflicts exist, the DHCP server marks those addresses as unavailable. This can prevent renewals if the client's original address is in conflict. Normal: no conflicts.

4

Enable debug to see DHCP packet exchange

debug ip dhcp server events
DHCPD: DHCPREQUEST received from client 0063.6973.636f.2d30.3030.312e.6130.3030.2e30.3030.31.
DHCPD: No binding for client 0063.6973.636f.2d30.3030.312e.6130.3030.2e30.3030.31.
DHCPD: Sending DHCPNAK to client 0063.6973.636f.2d30.3030.312e.6130.3030.2e30.3030.31.

If you see DHCPNAK messages, the server is rejecting renewal requests. Common cause: the client's binding was removed (e.g., due to conflict or pool exhaustion). Normal: DHCPACK sent for renewals.

Root Cause

The DHCP pool on the switch has run out of available IP addresses because the lease time is set to 1 day and many clients have disconnected without releasing their leases. Additionally, the 'ip dhcp excluded-address' command was not used to reserve addresses for static devices, causing the pool to be consumed by transient clients. When a client tries to renew, the server has no record of its binding (if the binding was cleared due to conflict detection) or the pool is full, so it sends a DHCPNAK.

Resolution

1. Clear any IP address conflicts: 'clear ip dhcp conflict *' 2. Increase the DHCP pool size or reduce lease time: 'ip dhcp pool VLAN10' -> 'lease 0 8' (8 hours) or 'network 192.168.10.0 255.255.255.0' 3. Exclude static addresses: 'ip dhcp excluded-address 192.168.10.1 192.168.10.10' 4. Optionally, clear expired bindings: 'clear ip dhcp binding *' (only if necessary, as this will force clients to re-request).

Verification

Run 'show ip dhcp binding' to see active leases with future expiration. Run 'show ip dhcp pool VLAN10' to confirm available addresses. Test a client by releasing and renewing its IP (ipconfig /release & ipconfig /renew on Windows) and verify it receives an address. Expected: client gets DHCPACK and new lease.

Prevention

1. Set appropriate lease times based on network mobility (e.g., 8 hours for office, 30 minutes for guest Wi-Fi). 2. Use 'ip dhcp excluded-address' to reserve addresses for servers, routers, and printers. 3. Monitor DHCP pool utilization with SNMP or syslog alerts when utilization exceeds 80%.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where you must identify why clients cannot obtain or renew IP addresses. The exam tests your ability to interpret 'show ip dhcp binding', 'show ip dhcp conflict', and debug output. Key fact: DHCPNAK indicates the server cannot honor the request, often due to pool exhaustion or conflict.

Exam Tips

1.

Memorize the output fields of 'show ip dhcp binding' — especially 'Lease expiration' and 'Type'.

2.

Understand that DHCPNAK is sent when the server has no binding for the client or the requested address is unavailable.

3.

Know that 'clear ip dhcp conflict *' removes all conflicts, but 'clear ip dhcp binding *' forces clients to re-request.

Commands Used in This Scenario

show ip dhcp binding

Displays the current DHCP binding table, showing which IP addresses have been leased to clients, along with their MAC addresses, lease expiration, and type of binding.

show ip dhcp conflict

Displays IP address conflicts detected by the DHCP server, helping administrators identify and resolve duplicate IP assignments on the network.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions