Posted on 2006-06-24
Last Modified: 2010-03-19
I need to split my network into 4 vlans (1 per building on campus). I currently use the 3060 Pro as my dhcp server located in my admin building for everyone, all switches are Cisco. Anyone have an idea how to config dhcp so that the outlying vlans will still be able to get their ip addresses, since broadcasting will be blocked??

Question by:rhcellxion
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
LVL 96

Accepted Solution

Lee W, MVP earned 63 total points
ID: 16976593
You should be able to configure the Cisco switches to forward DHCP requests while NOT forwarding the other broadcasts.

Here's a reference posting:
LVL 11

Expert Comment

ID: 16976601
If you use the command "ip helper-address <DHCP Server-Address> on the router interface for each VLAN that will forward all broadcasts to the DHCP server, which is a common approach.

You may also be able to configure a DHCP Relay-Agent which will only forward DHCP request.


LVL 96

Expert Comment

by:Lee W, MVP
ID: 16976610
Just pointing out, that's exactly what the link I provided says.
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

LVL 79

Expert Comment

ID: 16976711
That all depends . . . .
What model Cisco switches? Only layer 3 switches can forward the dhcp broadcasts and use the ip helper-address command..

Author Comment

ID: 17208661
I've got another question concerning trunks.  When creating the vlans, do I leave the uplink ports, that will be trunks on vlan1, or change them to the vlan that all of the other ports are on?  I thought I read somewhere that you should always keep the trunk ports on vlan1.

what I'm seeing is that if I leave the trunk on vlan1, I can telnet to the switch from anywhere as long as the computer is plugged in to a different switch.  If it's on the same switch,  they won't talk.  If I change the native vlan of the trunk, it will talk when plugged in to the same switch.
LVL 79

Assisted Solution

lrmoore earned 62 total points
ID: 17209407
When you create vlans, and you have more than one switch participating in the same vlan, then the trunk port carries all the active vlans. By default a trunk port carries all vlans.
If you assign the switch's IP address to vlan 1 and assign all ports on that switch to say, vlan2, then of course you can't telnet to the switch from anything connected to any other port that is not in vlan 1.
If you want to be able to telnet to the switch from anywhere, then you need layer 3 routing between the different vlans.

Author Comment

ID: 17209414
Thanks, after I posted and read it, that's what I figured out.  I appreciate the help, and will surely be posting more here as I continue through this process.

Author Comment

ID: 17209438
But is it true that the default vlan1 is used for management, and it's recommended that you keep all trunk ports on vlan1 for that reason??  Or could I just put the trunks on the same native vlan as the other ports on that switch?
LVL 79

Expert Comment

ID: 17210824
>But is it true that the default vlan1 is used for management,
By default, yes, but you can change the management vlan anytime you want to.
From a network management perspective, I like to keep management on vlan1 simply because any new switch out of the box is configured for vlan1 and if someone plugs one into the network, I can see it and touch it.
Trunk ports are not specifically a member of any vlan, they "carry" the vlan information between switches.


Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses
Course of the Month8 days, 2 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question