
segmenting network

oddyager

I'm trying to break up my network by making each floor switch its own VLAN and having one DHCP server provide addresses for them all. Using this guide:

http://www.lanarchitect.net/Articles/DHCP/index.htm

I'm not sure how I should configure the on-floor switches connected to the core switch. I'm assuming that each new VLAN interface on the core switch becomes the new default gateway for machines on that VLAN? How should I assign an IP to the on-floor switch then? For example, on the core switch I created int vlan10 with an IP of 10.10.0.62/29 and an ip-helper address of the DHCP server. On the floor switch, should I also create an int vlan10 with an IP of, say, 10.10.0.1/29? And then all ports configured on that switch would be on VLAN 10?

Any help is appreciated. Thanks!
 
Originally posted by: oddyager
I'm assuming that each new VLAN interface on the core switch becomes the new default gateway for machines on that VLAN?
Yes.

Originally posted by: oddyager
How should I assign an IP to the on-floor switch then? For example, on the core switch I created int vlan10 with an IP of 10.10.0.62/29 and an ip-helper address of the DHCP server. On the floor switch, should I also create an int vlan10 with an IP of, say, 10.10.0.1/29? And then all ports configured on that switch would be on VLAN 10?
That's the best way to do it. Technically, since it's defined at the core you could just do defaults on all the closet switches. But to do it right, create the VLAN, assign switchport access, set up a management IP and you should be good.

In the future, if you were to have more than one VLAN on the floor switches (i.e. a wireless VLAN), just trunk from the floor switch > core and create the VLAN on both.

Are you etherchanneling the closet switches to the core?
 
Originally posted by: jlazzaro
Originally posted by: oddyager
I'm assuming that each new VLAN interface on the core switch becomes the new default gateway for machines on that VLAN?
Yes.

Originally posted by: oddyager
How should I assign an IP to the on-floor switch then? For example, on the core switch I created int vlan10 with an IP of 10.10.0.62/29 and an ip-helper address of the DHCP server. On the floor switch, should I also create an int vlan10 with an IP of, say, 10.10.0.1/29? And then all ports configured on that switch would be on VLAN 10?
That's the best way to do it. Technically, since it's defined at the core you could just do defaults on all the closet switches. But to do it right, create the VLAN, assign switchport access, set up a management IP and you should be good.

In the future, if you were to have more than one VLAN on the floor switches (i.e. a wireless VLAN), just trunk from the floor switch > core and create the VLAN on both.

Are you etherchanneling the closet switches to the core?

Lazzaro, thanks for your help. I'll give it a shot. The closet switches are all home-runned back to the core.

EDIT: Update. So far it looks good. The only problem is that it takes a heck of a long time for the host to receive an IP, even though if you look at the DHCP server an address has already been assigned to it. Also, once it receives an IP, any subsequent reboot or ipconfig /release and /renew takes forever as well (15-20 minutes)...

Any ideas?
 
I haven't looked at the link....

VLAN is a layer 2 thing; it won't automagically route between. What are you using as a layer 3 device to route between the subnets?

One thing to do is enable portfast, and make sure dhcp-helper is defined on your routing device. We run VLANs and a single DHCP server with no issues, but we have tweaked things over the years. Portfast is one thing (it usually breaks PXE booting too).
 
Our 6513 is the core and will handle all the routing.

EDIT:

Okay, I ran ethereal just to see what's taking it so long. For some reason, even though the DHCP server is responding with DHCP Offer, the host is continually sending DHCP Discovery packets. Not sure why that is...
 
Originally posted by: oddyager
Our 6513 is the core and will handle all the routing.

EDIT:

Okay, I ran ethereal just to see what's taking it so long. For some reason, even though the DHCP server is responding with DHCP Offer, the host is continually sending DHCP Discovery packets. Not sure why that is...

Do you have ip-helper configured?
Do you have portfast enabled?

 
Originally posted by: nweaver
Originally posted by: oddyager
Our 6513 is the core and will handle all the routing.

EDIT:

Okay, I ran ethereal just to see what's taking it so long. For some reason, even though the DHCP server is responding with DHCP Offer, the host is continually sending DHCP Discovery packets. Not sure why that is...

Do you have ip-helper configured?
Do you have portfast enabled?


Yes. Here is how I have it configured. As a test, I connected a 3500XL switch using a Cat5e cable to my 6513. The gigabit port it is connected to is configured as such:

description Test Switch
switchport
switchport trunk allowed vlan 1-4,8,10,12,15-409
switchport mode trunk
no ip address
speed 1000
duplex full

I created a new subinterface on the 6513 called vlan50. It's configured as:

interface Vlan50
ip address 20.20.20.62 255.255.255.192
ip helper-address 10.10.10.1
no ip redirects

On the 3500XL switch, I have the ports configured as:

interface FastEthernet0/1
switchport access vlan 50
spanning-tree portfast

and I created a management interface as such on the 3500XL:

interface VLAN50
ip address 20.20.20.1 255.255.255.192
no ip directed-broadcast
no ip route-cache


The test switch and 6513 can ping each other and can ping across the different VLANs. However, when I connect a host to that FastEthernet port, it starts to get very flaky. Most of the time DHCP fails (though as said earlier I do see communication between server and client), and when it succeeds (which seems to take forever, which is not good...), eventually the host can talk fine with other VLANs.
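
An added example, not part of the original post: a Python check of the addressing quoted in this thread, comparing each core SVI (the VLAN's gateway) with the floor switch's management address, and showing which DHCP scope a relayed request would select from its giaddr. The function names and the `SCOPES` table are assumptions made for illustration; the thread never shows the DHCP server's scopes or the mask of the server's own subnet.

```python
import ipaddress

def audit_vlan(gateway, mgmt):
    """Compare a core SVI (the VLAN's default gateway) with the floor switch's
    management address on that VLAN."""
    gw = ipaddress.ip_interface(gateway)
    sw = ipaddress.ip_interface(mgmt)
    hosts = list(gw.network.hosts())
    used = {gw.ip, sw.ip} & set(hosts)
    return {
        "gateway_net": str(gw.network),
        "mgmt_net": str(sw.network),
        "same_subnet": gw.network == sw.network,
        "usable": f"{hosts[0]}-{hosts[-1]}",
        "left_for_clients": len(hosts) - len(used),
    }

def relay_scope(giaddr, scopes):
    """ip helper-address relays a DISCOVER with giaddr set to the SVI address;
    the DHCP server chooses the scope that contains giaddr."""
    addr = ipaddress.ip_address(giaddr)
    for name, cidr in scopes.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return None  # no matching scope: the server has nothing to offer

# Addresses quoted in the thread.
VLAN10 = ("10.10.0.62/29", "10.10.0.1/29")
VLAN50 = ("20.20.20.62/255.255.255.192", "20.20.20.1/255.255.255.192")
# Constructed scope table (assumption): the thread never shows the server's scopes.
SCOPES = {"vlan50-clients": "20.20.20.0/26", "server-lan": "10.10.10.0/24"}

if __name__ == "__main__":
    for label, pair in (("vlan10", VLAN10), ("vlan50", VLAN50)):
        print(label, audit_vlan(*pair))
    for giaddr in ("20.20.20.62", "10.10.0.62"):
        print(giaddr, "->", relay_scope(giaddr, SCOPES))
```

The VLAN 10 pair from the first post falls in two different /29 networks, while the VLAN 50 pair shares 20.20.20.0/26.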

 
Check counters on the fa0/1 port on the 3500 to ensure you aren't having layer 1/2 issues.
Do a port mon on fa0/1 on the 3500, and sniff the DHCP request.
 
I'm not sure why, but I added the command ip default gateway pointing to the vlan50 int on the 6513 and it looks OK so far. I'm guessing maybe it's an IOS issue (the 3500XL is on 12.0)?

In any case, that looks good so far. Now my next problem is getting this stuff to work with a DHCP server on a VM.

EDIT:

Okay, I think my understanding of DHCP is lacking, but when a DHCP Discover is made, the server should respond with a DHCP Offer, and not something with ICMP, correct? What I'm seeing is a DHCP Discover packet being sent from the client, which I think the server hears, but immediately following that packet is an ICMP packet from the server telling me that the destination of that client is unreachable. I can ping the client from the server and don't believe it's a routing issue.
 