Posted on 2006-06-24
Last Modified: 2010-03-19
I need to split my network into 4 vlans (1 per building on campus). I currently use the 3060 Pro as my dhcp server located in my admin building for everyone, all switches are Cisco. Anyone have an idea how to config dhcp so that the outlying vlans will still be able to get their ip addresses, since broadcasting will be blocked??

Question by:rhcellxion
  • 3
  • 3
  • 2
  • +1
LVL 95

Accepted Solution

Lee W, MVP earned 63 total points
ID: 16976593
You should be able to configure the Cisco switches to forward DHCP requests while NOT forwarding the other broadcasts.

Here's a reference posting:
LVL 11

Expert Comment

ID: 16976601
If you use the command "ip helper-address <DHCP Server-Address> on the router interface for each VLAN that will forward all broadcasts to the DHCP server, which is a common approach.

You may also be able to configure a DHCP Relay-Agent which will only forward DHCP request.


LVL 95

Expert Comment

by:Lee W, MVP
ID: 16976610
Just pointing out, that's exactly what the link I provided says.
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

LVL 79

Expert Comment

ID: 16976711
That all depends . . . .
What model Cisco switches? Only layer 3 switches can forward the dhcp broadcasts and use the ip helper-address command..

Author Comment

ID: 17208661
I've got another question concerning trunks.  When creating the vlans, do I leave the uplink ports, that will be trunks on vlan1, or change them to the vlan that all of the other ports are on?  I thought I read somewhere that you should always keep the trunk ports on vlan1.

what I'm seeing is that if I leave the trunk on vlan1, I can telnet to the switch from anywhere as long as the computer is plugged in to a different switch.  If it's on the same switch,  they won't talk.  If I change the native vlan of the trunk, it will talk when plugged in to the same switch.
LVL 79

Assisted Solution

lrmoore earned 62 total points
ID: 17209407
When you create vlans, and you have more than one switch participating in the same vlan, then the trunk port carries all the active vlans. By default a trunk port carries all vlans.
If you assign the switch's IP address to vlan 1 and assign all ports on that switch to say, vlan2, then of course you can't telnet to the switch from anything connected to any other port that is not in vlan 1.
If you want to be able to telnet to the switch from anywhere, then you need layer 3 routing between the different vlans.

Author Comment

ID: 17209414
Thanks, after I posted and read it, that's what I figured out.  I appreciate the help, and will surely be posting more here as I continue through this process.

Author Comment

ID: 17209438
But is it true that the default vlan1 is used for management, and it's recommended that you keep all trunk ports on vlan1 for that reason??  Or could I just put the trunks on the same native vlan as the other ports on that switch?
LVL 79

Expert Comment

ID: 17210824
>But is it true that the default vlan1 is used for management,
By default, yes, but you can change the management vlan anytime you want to.
From a network management perspective, I like to keep management on vlan1 simply because any new switch out of the box is configured for vlan1 and if someone plugs one into the network, I can see it and touch it.
Trunk ports are not specifically a member of any vlan, they "carry" the vlan information between switches.


Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Stuck in INIT/DROTHER 2 23
Looking for open port with Telnet 5 59
Unmanaged Switches for Optimized Network Speeds 7 39
Comcast Static IP Addresses 13 36
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question