Courseiva
DHCPCCNA 200-301

DHCP Relay Agent Not Forwarding Requests to Server

Presenting Symptom

Clients in VLAN 20 cannot obtain IP addresses via DHCP, while clients in VLAN 10 (same router) succeed.

Network Context

A small branch office with a Cisco 4321 router (IOS XE 16.9) acting as the default gateway for VLAN 10 (192.168.10.0/24) and VLAN 20 (192.168.20.0/24). The router has an ip helper-address pointing to a DHCP server at 10.10.10.5. The DHCP server is reachable and has scopes for both VLANs. Clients in VLAN 10 get addresses, but VLAN 20 clients fail.

Diagnostic Steps

1

Check DHCP relay configuration on the router interface for VLAN 20

show running-config interface vlan 20
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip helper-address 10.10.10.5
 no ip redirects
 no ip proxy-arp

Verify that the ip helper-address command is present on the VLAN 20 interface. If missing, DHCP relay is not configured for that subnet.

2

Verify DHCP server reachability from the router

ping 10.10.10.5 source 192.168.20.1
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

If ping fails, there is a connectivity issue between the router and DHCP server. If successful, the problem is likely not reachability.

3

Check if DHCP packets are being relayed using debug

debug ip dhcp server packet
DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d30.3031.332e.3030.3030.2e30.3030.30 on interface Vlan20
DHCPD: Sending DHCPOFFER to client 0063.6973.636f.2d30.3031.332e.3030.3030.2e30.3030.30 via 192.168.20.1

If no DHCPDISCOVER messages appear from VLAN 20, the relay agent is not forwarding client requests. If only DISCOVER appears but no OFFER, the server may not be responding or the relay is not forwarding replies.

4

Check if DHCP relay is globally enabled and verify UDP forwarding

show ip dhcp relay information
DHCP relay agent is enabled.
Relay agent information option 82 is disabled.
No relay agent information trusted interfaces.

If DHCP relay agent is disabled, enable it with 'service dhcp'. Also verify that UDP forwarding is not blocked by ACLs.

Root Cause

The ip helper-address command was missing on the VLAN 20 interface of the router. Without this command, the router does not forward DHCP broadcast requests from VLAN 20 clients to the DHCP server.

Resolution

Configure the ip helper-address on the VLAN 20 interface: interface Vlan20 ip helper-address 10.10.10.5 end This command instructs the router to forward DHCP broadcasts (UDP ports 67/68) to the specified server.

Verification

On a client in VLAN 20, release and renew the IP address (e.g., ipconfig /release && ipconfig /renew on Windows). Then run 'show ip dhcp binding' on the router to confirm the client received an address: Router# show ip dhcp binding Bindings from all pools not associated with VRF: IP address Client-ID/ Lease expiration Type Hardware address 192.168.20.10 0063.6973.636f.2d30. Mar 01 2025 12:00 PM Automatic 3031.332e.3030.3030. 2e30.3030.3030

Prevention

1. Use a standard configuration template that includes ip helper-address on all VLAN interfaces that require DHCP relay. 2. Implement network automation (e.g., Ansible) to enforce consistent DHCP relay configuration across all subnets. 3. Regularly audit router configurations with a script to verify ip helper-address is present on all interfaces where DHCP clients reside.

CCNA Exam Relevance

On the CCNA 200-301 exam, DHCP relay configuration and troubleshooting appear in multiple-choice and simulation questions. The exam tests understanding of the ip helper-address command, the fact that it forwards UDP broadcasts (not just DHCP), and the requirement to configure it on the interface facing DHCP clients. A common question asks which interface needs the ip helper-address (the one with DHCP clients) or what command to use to forward DHCP requests to a remote server.

Exam Tips

1.

Remember that ip helper-address forwards multiple UDP services by default (TFTP, DNS, Time, NetBIOS, etc.), not just DHCP. Use 'ip forward-protocol' to control which ports are forwarded.

2.

The ip helper-address must be configured on the interface that receives the DHCP broadcast (the client's gateway interface), not on the interface toward the server.

3.

If DHCP relay is not working, always verify the configuration with 'show running-config interface' and check that the interface is up/up.

Commands Used in This Scenario

ping [ip]

The ping command sends ICMP echo requests to a destination IP address to test network connectivity and measure round-trip time.

show ip dhcp binding

Displays the current DHCP binding table, showing which IP addresses have been leased to clients, along with their MAC addresses, lease expiration, and type of binding.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions