Skip to main content
kimrdk
kimrdk
New Member
October 2, 2019
Solved

DHCP server not working on soft switch interface

  • October 2, 2019
  • 1 reply
  • 9305 views

Hi I cannot get DHCP server to work on a software switch, configured like this: 

config system switch-interface
    edit "soft_switch"
  set vdom root
        set member "Vlan16" "VxLan-IPsec-DR"
        set intra-switch-policy explicit
    next
end
Computer configured with static IP, then I can ping 172.16.0.1, so the interface and VLAN works. Why do I not get an DHCP address? See images

FortiGate 30E v6.0.4 build0231 (GA) /Kim

Best answer by emnoc

You really need to look at the dhcp server status and ensure it's enabled. I would also see if you diag sniffer packet  on the member or softswitch to look for dhcp info.

 

 

e.g

 

FWFXXXXXXX (switch-interface) # showconfig system switch-interface    e

edit "internal"       

set vdom "root"       

set member "wifi" "lan"   

next    edit "HjSkist.root"       

set vdom "root"       

set member "HjSkist.wifi"   

next

end 

 

 

 diag sniffer packet  HjSkist.root 

 

 

 

Also, I notice you have  "set intra-switch-policy" set to explicit,  I would not do that.

 

Ken Felix

1 reply

kimrdk
kimrdkAuthor
New Member
October 2, 2019

DHCP is enabled under the interface:

emnoc
emnocAnswer
New Member
October 2, 2019

You really need to look at the dhcp server status and ensure it's enabled. I would also see if you diag sniffer packet  on the member or softswitch to look for dhcp info.

 

 

e.g

 

FWFXXXXXXX (switch-interface) # showconfig system switch-interface    e

edit "internal"       

set vdom "root"       

set member "wifi" "lan"   

next    edit "HjSkist.root"       

set vdom "root"       

set member "HjSkist.wifi"   

next

end 

 

 

 diag sniffer packet  HjSkist.root 

 

 

 

Also, I notice you have  "set intra-switch-policy" set to explicit,  I would not do that.

 

Ken Felix

kimrdk
kimrdkAuthor
New Member
October 2, 2019

Nothing is logged with:

diag sniffer packet soft_switch

But

diagnose sniffer packet Vlan16
Gives:


58.853437 arp who-has 169.254.72.173 tell 169.254.72.173
58.868285 169.254.72.173 -> 224.0.0.22:  ip-proto-2 16
58.868301 169.254.72.173 -> 224.0.0.22:  ip-proto-2 16
58.875325 169.254.72.173.5353 -> 224.0.0.251.5353: udp 39
58.875776 169.254.72.173.5353 -> 224.0.0.251.5353: udp 49
58.897388 169.254.72.173 -> 224.0.0.22:  ip-proto-2 16
58.932229 169.254.72.173.137 -> 169.254.255.255.137: udp 68
59.345761 169.254.72.173 -> 224.0.0.22:  ip-proto-2 32
59.463281 0.0.0.0.68 -> 255.255.255.255.67: udp 300
59.693053 169.254.72.173.137 -> 169.254.255.255.137: udp 68
60.493275 169.254.72.173.137 -> 169.254.255.255.137: udp 68
61.263915 169.254.72.173.137 -> 169.254.255.255.137: udp 68
62.071418 169.254.72.173.137 -> 169.254.255.255.137: udp 68
62.071703 169.254.72.173.137 -> 169.254.255.255.137: udp 68
62.835231 169.254.72.173.137 -> 169.254.255.255.137: udp 68
62.835513 169.254.72.173.137 -> 169.254.255.255.137: udp 68
63.609650 169.254.72.173.137 -> 169.254.255.255.137: udp 68
63.609691 169.254.72.173.137 -> 169.254.255.255.137: udp 68
64.366325 169.254.72.173.137 -> 169.254.255.255.137: udp 68
64.366367 169.254.72.173.137 -> 169.254.255.255.137: udp 68
64.410836 0.0.0.0.68 -> 255.255.255.255.67: udp 300
72.835085 0.0.0.0.68 -> 255.255.255.255.67: udp 300

89.650249 0.0.0.0.68 -> 255.255.255.255.67: udp 300
91.851527 arp who-has 169.254.72.173 tell 0.0.0.0
92.851487 arp who-has 169.254.72.173 tell 0.0.0.0
93.851322 arp who-has 169.254.72.173 tell 0.0.0.0
94.634018 0.0.0.0.68 -> 255.255.255.255.67: udp 300
94.851275 arp who-has 169.254.72.173 tell 169.254.72.173
94.868494 169.254.72.173 -> 224.0.0.22:  ip-proto-2 16
94.875555 169.254.72.173 -> 224.0.0.22:  ip-proto-2 16
94.880352 169.254.72.173.5353 -> 224.0.0.251.5353: udp 39
94.880709 169.254.72.173.5353 -> 224.0.0.251.5353: udp 49
94.893271 169.254.72.173 -> 224.0.0.22:  ip-proto-2 16
94.929725 169.254.72.173.137 -> 169.254.255.255.137: udp 68
95.351361 169.254.72.173 -> 224.0.0.22:  ip-proto-2 32
95.679633 169.254.72.173.137 -> 169.254.255.255.137: udp 68
96.445210 169.254.72.173.137 -> 169.254.255.255.137: udp 68
97.210830 169.254.72.173.137 -> 169.254.255.255.137: udp 68
97.982607 169.254.72.173.137 -> 169.254.255.255.137: udp 68
97.982651 169.254.72.173.137 -> 169.254.255.255.137: udp 68
98.741852 169.254.72.173.137 -> 169.254.255.255.137: udp 68
98.741889 169.254.72.173.137 -> 169.254.255.255.137: udp 68
99.507548 169.254.72.173.137 -> 169.254.255.255.137: udp 68
99.507585 169.254.72.173.137 -> 169.254.255.255.137: udp 68
100.272999 169.254.72.173.137 -> 169.254.255.255.137: udp 68
100.273037 169.254.72.173.137 -> 169.254.255.255.137: udp 68
102.508838 0.0.0.0.68 -> 255.255.255.255.67: udp 300

 

Terms & ConditionsAccessibility statement