• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 949
  • Last Modified:

VLAN and DHCP

I need to split my network into 4 vlans (1 per building on campus). I currently use the 3060 Pro as my dhcp server located in my admin building for everyone, all switches are Cisco. Anyone have an idea how to config dhcp so that the outlying vlans will still be able to get their ip addresses, since broadcasting will be blocked??

thanks
Randy
0
rhcellxion
Asked:
rhcellxion
  • 3
  • 3
  • 2
  • +1
2 Solutions
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
You should be able to configure the Cisco switches to forward DHCP requests while NOT forwarding the other broadcasts.

Here's a reference posting:
http://networking.ittoolbox.com/groups/technical-functional/cisco-infrastructure-l/forward-dhcp-requests-1050836
0
 
grsteedCommented:
If you use the command "ip helper-address <DHCP Server-Address> on the router interface for each VLAN that will forward all broadcasts to the DHCP server, which is a common approach.

You may also be able to configure a DHCP Relay-Agent which will only forward DHCP request.

Cheers,

Gary
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Just pointing out, that's exactly what the link I provided says.
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
lrmooreCommented:
That all depends . . . .
What model Cisco switches? Only layer 3 switches can forward the dhcp broadcasts and use the ip helper-address command..
0
 
rhcellxionAuthor Commented:
I've got another question concerning trunks.  When creating the vlans, do I leave the uplink ports, that will be trunks on vlan1, or change them to the vlan that all of the other ports are on?  I thought I read somewhere that you should always keep the trunk ports on vlan1.

what I'm seeing is that if I leave the trunk on vlan1, I can telnet to the switch from anywhere as long as the computer is plugged in to a different switch.  If it's on the same switch,  they won't talk.  If I change the native vlan of the trunk, it will talk when plugged in to the same switch.
0
 
lrmooreCommented:
When you create vlans, and you have more than one switch participating in the same vlan, then the trunk port carries all the active vlans. By default a trunk port carries all vlans.
If you assign the switch's IP address to vlan 1 and assign all ports on that switch to say, vlan2, then of course you can't telnet to the switch from anything connected to any other port that is not in vlan 1.
If you want to be able to telnet to the switch from anywhere, then you need layer 3 routing between the different vlans.
0
 
rhcellxionAuthor Commented:
Thanks, after I posted and read it, that's what I figured out.  I appreciate the help, and will surely be posting more here as I continue through this process.
0
 
rhcellxionAuthor Commented:
But is it true that the default vlan1 is used for management, and it's recommended that you keep all trunk ports on vlan1 for that reason??  Or could I just put the trunks on the same native vlan as the other ports on that switch?
0
 
lrmooreCommented:
>But is it true that the default vlan1 is used for management,
By default, yes, but you can change the management vlan anytime you want to.
From a network management perspective, I like to keep management on vlan1 simply because any new switch out of the box is configured for vlan1 and if someone plugs one into the network, I can see it and touch it.
Trunk ports are not specifically a member of any vlan, they "carry" the vlan information between switches.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now