mgordon-spi
asked on
IP Helper-Address DHCP over VLAN problems with 3550
We have a medium sized network comprising of a 3550 series switch at the core and 21 2950's supplying desktop access, We currently have the internal subnet 10.95.0.0/21 which we have subnetted further into
10.95.0.0/24 (VLAN 1)
10.95.1.0/24 (VLAN 20)
10.95.2.0/23 (VLAN 30)
10.95.4.0/24 (VLAN 40)
10.95.5.0/24 (VLAN 50)
These are the only subnets listed as they are the only oneswe require at this stage. Each of these subnets represents a VLAN on our network, it is important that one VLAN have 400 addresses so we have aggregated two /24's into the /23 (10.95.2.0-10.95.3.255).
The 3550 is providing the InterVLAN routing and when using statically assigned IP's I am able to contact PC's/Servers on other VLANS perfectly, however, I have a DHCP server @ 10.95.4.14 (VLAN40), and have configured the "ip helper-address" command on each of hte VLAN interfaces on the 3550, I have attached a copy of the 3550's config below.
The problem is that PC's in VLAN 1 and VLAN 20 are able to get an IP addressfrom hte DHCP server with no problems, but PC's on VLAN30, VLAN40 and VLAN50 cannot contact the DHCP server.
Any Ideas...?
EMC-Core#sh run
Building configuration...
Current configuration : 2050 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname EMC-Core
!
enable secret 5 $1$6RsS$3ayLhjIOyPJuLSxAbi
!
ip subnet-zero
ip routing
ip dhcp smart-relay
ip dhcp relay information trust-all
!
ip multicast-routing
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
interface GigabitEthernet0/1
switchport mode access
!
interface GigabitEthernet0/2
switchport mode access
shutdown
!
interface GigabitEthernet0/3
switchport access vlan 40
switchport mode dynamic desirable
!
interface GigabitEthernet0/4
switchport mode access
!
interface GigabitEthernet0/5
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/6
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/7
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/8
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/9
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/11
switchport mode dynamic desirable
!
interface GigabitEthernet0/12
switchport mode dynamic desirable
!
interface Vlan1
description Server Vlan
ip address 10.95.0.1 255.255.255.0
ip helper-address 10.95.4.14
!
interface Vlan10
description Admin Vlan
ip address 10.40.189.2 255.255.255.0
!
interface Vlan20
description Staff Vlan
ip address 10.95.1.1 255.255.255.0
ip helper-address 10.95.4.14
!
interface Vlan30
description Students Vlan
ip address 10.95.2.1 255.255.254.0
ip helper-address 10.95.4.14
!
interface Vlan40
description Router and Printers Vlan
ip address 10.95.4.2 255.255.255.0
!
interface Vlan50
description Phones
ip address 10.95.5.1 255.255.255.0
ip helper-address 10.95.4.14
!
ip classless
ip http server
!
!
snmp-server community emc RO
!
line con 0
exec-timeout 0 0
password ********
logging synchronous
login
line vty 0 4
password ********
login
line vty 5 15
login
!
end
EMC-Core#
10.95.0.0/24 (VLAN 1)
10.95.1.0/24 (VLAN 20)
10.95.2.0/23 (VLAN 30)
10.95.4.0/24 (VLAN 40)
10.95.5.0/24 (VLAN 50)
These are the only subnets listed as they are the only oneswe require at this stage. Each of these subnets represents a VLAN on our network, it is important that one VLAN have 400 addresses so we have aggregated two /24's into the /23 (10.95.2.0-10.95.3.255).
The 3550 is providing the InterVLAN routing and when using statically assigned IP's I am able to contact PC's/Servers on other VLANS perfectly, however, I have a DHCP server @ 10.95.4.14 (VLAN40), and have configured the "ip helper-address" command on each of hte VLAN interfaces on the 3550, I have attached a copy of the 3550's config below.
The problem is that PC's in VLAN 1 and VLAN 20 are able to get an IP addressfrom hte DHCP server with no problems, but PC's on VLAN30, VLAN40 and VLAN50 cannot contact the DHCP server.
Any Ideas...?
EMC-Core#sh run
Building configuration...
Current configuration : 2050 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname EMC-Core
!
enable secret 5 $1$6RsS$3ayLhjIOyPJuLSxAbi
!
ip subnet-zero
ip routing
ip dhcp smart-relay
ip dhcp relay information trust-all
!
ip multicast-routing
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
interface GigabitEthernet0/1
switchport mode access
!
interface GigabitEthernet0/2
switchport mode access
shutdown
!
interface GigabitEthernet0/3
switchport access vlan 40
switchport mode dynamic desirable
!
interface GigabitEthernet0/4
switchport mode access
!
interface GigabitEthernet0/5
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/6
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/7
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/8
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/9
switchport mode dynamic desirable
shutdown
!
interface GigabitEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/11
switchport mode dynamic desirable
!
interface GigabitEthernet0/12
switchport mode dynamic desirable
!
interface Vlan1
description Server Vlan
ip address 10.95.0.1 255.255.255.0
ip helper-address 10.95.4.14
!
interface Vlan10
description Admin Vlan
ip address 10.40.189.2 255.255.255.0
!
interface Vlan20
description Staff Vlan
ip address 10.95.1.1 255.255.255.0
ip helper-address 10.95.4.14
!
interface Vlan30
description Students Vlan
ip address 10.95.2.1 255.255.254.0
ip helper-address 10.95.4.14
!
interface Vlan40
description Router and Printers Vlan
ip address 10.95.4.2 255.255.255.0
!
interface Vlan50
description Phones
ip address 10.95.5.1 255.255.255.0
ip helper-address 10.95.4.14
!
ip classless
ip http server
!
!
snmp-server community emc RO
!
line con 0
exec-timeout 0 0
password ********
logging synchronous
login
line vty 0 4
password ********
login
line vty 5 15
login
!
end
EMC-Core#
"(...) not getting dhcp information (...)" i was to say!
Sorry for dbl post.
Sorry for dbl post.
ASKER
My Setup includes trunks to the 2950, so would look more like...
VLAN1 (PC) VLAN3
\ /
----2950-------Trunk------
/ \ \
VLAN 2 \ VLAN4
VLAN 4
\
\
Microsoft DHCP Server
The 3550 is acting like a VLAN router with 12x 1GB Ethernet ports. That is why I haveth helper addresses set up on hte VLAN interfaces of the 3550.
VLAN1 (PC) VLAN3
\ /
----2950-------Trunk------
/ \ \
VLAN 2 \ VLAN4
VLAN 4
\
\
Microsoft DHCP Server
The 3550 is acting like a VLAN router with 12x 1GB Ethernet ports. That is why I haveth helper addresses set up on hte VLAN interfaces of the 3550.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Rafael,
I gave it a go, but this time I couldnt get an IP for PC's on any of hte VLANS whereas before I could get IP's on the first two VLANS (1 & 20), but not on VLans 30 & 40.
Thanks
I gave it a go, but this time I couldnt get an IP for PC's on any of hte VLANS whereas before I could get IP's on the first two VLANS (1 & 20), but not on VLans 30 & 40.
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1. What address is that 10.95.4.14 anyway? Is this the dhcp server address?
2. Have you enabled dhcp debuging? It could give you precious information about what is going on!
Cheersw.
2. Have you enabled dhcp debuging? It could give you precious information about what is going on!
Cheersw.
vlan1 ---------- 3550 ------------ vlan40 (dhcp server is somewhere here)
/ \
/ \
vlan10 vlan20 (...)
sample config (for vlan10):
interface Vlan10
description Phones
ip address 10.95.5.1 255.255.255.0
ip helper-address <vlan40 address - from what I can see this is 10.95.4.2>
The ip-helper address must be the router interface router ip addres to which broadcasts are sent, from the client, in the
dhcp lease process.
Otherwise, you might also try to enable debuging. Two options are available:
debug ip dhcp ?
debug dhcp ?
One of them (not sure however - that's why I included "?" so you could check for yourself) is:
debug dhcp server packet or
debug dhcp server events
Anyway, it's questionable why the clients on the same subnet with the dhcp server are getting dhcp information ... But try
my sugestions and let me know if it worked, please!
Cheers.