ARSCO
asked on
Setting up a VLAN with a Cisco 3560 & Netgear GS724T... Kinda Working... DHCP Issue
Ok I have a Cisco 3560G setup with VLAN 1 & 2. Everything works great when only using the Cisco. Our network however has several Netgear GS724T smart switches. When I attempt to add them in line, I have issues. Here is the setup:
Cisco 3560G is setup with VLAN 1 & 2 and is doing the routing between VLAN's. See the runing config below. When I connect a Netgear GS724T to one of the port assigned to VLAN 2, things kind of work. The netgear switch itself has a static IP, which is pingable from VLAN 1. However when I connect a workstation to the Netgear and try to pull DHCP it fails to find a DHCP server ont he first try. If I try a second time, it also immediately finds the server. However if i release and renew I have to renew twice to get an IP.
When the same workstation is pulled into the Cisco switch, on a port assigned to VLAN 2, everything works smoothly.
The Netgear can be configured in either IEEE 802.1Q or Port Based VLAN. I'm not sure which one to use. I've tried both and both do the same thing. When using 802.1q mode I can have tagged and untagged packets, again I've tried both.
I've set the PVID on all ports to 2, not sure if that's correct or now.
All ports on this switch will be operating on VLAN 2.
Suggestions?
Cisco 3560G Configuration:
Building configuration...
Current configuration : 2289 bytes
!
! Last configuration change at 08:36:44 EDT Thu Oct 2 2008
! NVRAM config last updated at 16:45:48 EDT Tue Sep 30 2008
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime localtime
no service password-encryption
!
hostname FINANCE_2ND_FLOOR
!
enable secret **
!
no aaa new-model
clock timezone est -5
clock summer-time EDT recurring
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
switchport access vlan 2
!
interface GigabitEthernet0/14
switchport access vlan 2
!
interface GigabitEthernet0/15
switchport access vlan 2
!
interface GigabitEthernet0/16
switchport access vlan 2
!
interface GigabitEthernet0/17
switchport access vlan 2
!
interface GigabitEthernet0/18
switchport access vlan 2
!
interface GigabitEthernet0/19
switchport access vlan 2
!
interface GigabitEthernet0/20
switchport access vlan 2
!
interface GigabitEthernet0/21
switchport access vlan 2
!
interface GigabitEthernet0/22
switchport access vlan 2
!
interface GigabitEthernet0/23
switchport access vlan 2
!
interface GigabitEthernet0/24
switchport access vlan 2
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
ip address 192.168.10.4 255.255.252.0
!
interface Vlan2
ip address 192.168.20.1 255.255.252.0
ip helper-address 192.168.10.24
ip helper-address 192.168.10.25
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.10.2
ip http server
!
logging history debugging
logging 192.168.10.29
!
control-plane
!
!
line con 0
line vty 0 4
password **
login
line vty 5 15
password **
login
!
ntp clock-period 36028641
ntp server 192.168.10.24
end
Cisco 3560G is setup with VLAN 1 & 2 and is doing the routing between VLAN's. See the runing config below. When I connect a Netgear GS724T to one of the port assigned to VLAN 2, things kind of work. The netgear switch itself has a static IP, which is pingable from VLAN 1. However when I connect a workstation to the Netgear and try to pull DHCP it fails to find a DHCP server ont he first try. If I try a second time, it also immediately finds the server. However if i release and renew I have to renew twice to get an IP.
When the same workstation is pulled into the Cisco switch, on a port assigned to VLAN 2, everything works smoothly.
The Netgear can be configured in either IEEE 802.1Q or Port Based VLAN. I'm not sure which one to use. I've tried both and both do the same thing. When using 802.1q mode I can have tagged and untagged packets, again I've tried both.
I've set the PVID on all ports to 2, not sure if that's correct or now.
All ports on this switch will be operating on VLAN 2.
Suggestions?
Cisco 3560G Configuration:
Building configuration...
Current configuration : 2289 bytes
!
! Last configuration change at 08:36:44 EDT Thu Oct 2 2008
! NVRAM config last updated at 16:45:48 EDT Tue Sep 30 2008
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime localtime
no service password-encryption
!
hostname FINANCE_2ND_FLOOR
!
enable secret **
!
no aaa new-model
clock timezone est -5
clock summer-time EDT recurring
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
switchport access vlan 2
!
interface GigabitEthernet0/14
switchport access vlan 2
!
interface GigabitEthernet0/15
switchport access vlan 2
!
interface GigabitEthernet0/16
switchport access vlan 2
!
interface GigabitEthernet0/17
switchport access vlan 2
!
interface GigabitEthernet0/18
switchport access vlan 2
!
interface GigabitEthernet0/19
switchport access vlan 2
!
interface GigabitEthernet0/20
switchport access vlan 2
!
interface GigabitEthernet0/21
switchport access vlan 2
!
interface GigabitEthernet0/22
switchport access vlan 2
!
interface GigabitEthernet0/23
switchport access vlan 2
!
interface GigabitEthernet0/24
switchport access vlan 2
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
ip address 192.168.10.4 255.255.252.0
!
interface Vlan2
ip address 192.168.20.1 255.255.252.0
ip helper-address 192.168.10.24
ip helper-address 192.168.10.25
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.10.2
ip http server
!
logging history debugging
logging 192.168.10.29
!
control-plane
!
!
line con 0
line vty 0 4
password **
login
line vty 5 15
password **
login
!
ntp clock-period 36028641
ntp server 192.168.10.24
end
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
haha 2 minutes between brooklyn and me :)
lol yeh but we are on the same page, I just gave a weee more info :)
ASKER
Why do I have to set a trunk up? I want all traffic from the netgear to be viewed as VLAN 2 on the Cisco. Which it should be as long as the link between the two is plugged into a VLAN 2 port.
Everything works, it's just that DHCP is taking forever. DHCP will fail to find the server, yet moments later if you do an ipconfig, it has an ip address!? I've tried this on both the Netgear GS724T and a unmanaged 8 port Netgear. Both respond in the same manner.
With a very basic VLAN setup, the only switch that needs to know about VLANs is the Cisco 3560; correct?
Everything works, it's just that DHCP is taking forever. DHCP will fail to find the server, yet moments later if you do an ipconfig, it has an ip address!? I've tried this on both the Netgear GS724T and a unmanaged 8 port Netgear. Both respond in the same manner.
With a very basic VLAN setup, the only switch that needs to know about VLANs is the Cisco 3560; correct?
In theory, you are absolutely correct but, it is not working smoothly.
I understand you don't want that NG switch to have any knowledge of any other VLANs. I made the assumption that you wanted the two switches to know about what each other was doing with the VLANs.
For those two IP helper statements, are those two separate DHCP servers or is it going to the same server? I'm just curious.
I understand you don't want that NG switch to have any knowledge of any other VLANs. I made the assumption that you wanted the two switches to know about what each other was doing with the VLANs.
For those two IP helper statements, are those two separate DHCP servers or is it going to the same server? I'm just curious.
ASKER
The setup I have is this: SITE A (VLAN 1) and SITE B (VLAN 2). The sites are connected with two proxim tsunami wireless dish setups; that are Port Channel together for failover. Sites are about 8 miles apart.
With this basic setup, the only switch that needs to know about the multiple VLANs is the Cisco 3560, which will be located at one of the two ends of the dishes.
The goal of this is to lower broadcast traffic on the dishes and to force VLAN 2 to use a DFS & DC server located at their site; first before failing over to the DC's and DFS servers in VLAN 1. I've thought about making the dishes their own VLAN, but that would require a second 3560 (1 at each end of the dishes); this would lower broadcast traffic even more.
The DHCP servers are actually different servers. One is pushing 192.168.8.0 and the other 192.168.9.0. I've removed 192.168.10.25 right now while testing.
With this basic setup, the only switch that needs to know about the multiple VLANs is the Cisco 3560, which will be located at one of the two ends of the dishes.
The goal of this is to lower broadcast traffic on the dishes and to force VLAN 2 to use a DFS & DC server located at their site; first before failing over to the DC's and DFS servers in VLAN 1. I've thought about making the dishes their own VLAN, but that would require a second 3560 (1 at each end of the dishes); this would lower broadcast traffic even more.
The DHCP servers are actually different servers. One is pushing 192.168.8.0 and the other 192.168.9.0. I've removed 192.168.10.25 right now while testing.
ASKER
Hmm... I guess I could setup trunking between the two switches on either side of the dishes; which are a Cisco 3560 and a 2960. This would allow me to put the dishes in their own VLAN, correct?
To make sure that I'm on the right track, I'm going to iterate that the NG switch is at Site B, right. If that's true, then I would assume that that NG switch is connected to the Site B dish and that transmits to Site A where the dish at that site is connected to a port on the 3560 which is configured as VLAN 2.
If that's the case, then you could use the port that the dish at Site A is connected to as your VLAN trunk port. Of course, configuring the NG switch at Site B first if you are doing all of this remotely from Site A so that the port the dish is connected to at Site B on the NG switch is set up for trunking and you won't lose connection. Essentially, your dishes would just act as wireless trunks. The broadcasting would be kept to a minimum if this were to be implemented.
If that's the case, then you could use the port that the dish at Site A is connected to as your VLAN trunk port. Of course, configuring the NG switch at Site B first if you are doing all of this remotely from Site A so that the port the dish is connected to at Site B on the NG switch is set up for trunking and you won't lose connection. Essentially, your dishes would just act as wireless trunks. The broadcasting would be kept to a minimum if this were to be implemented.
ASKER
Attached is a crud layout map of our setup.
So what you're saying is that I need to setup the 3560 & 2960 to have the Port-Channel as the trunk between the switches. Can you help me walk through this? I physically can't do it right now thought, but would like to have a better grasp of the command needed to do it.
I've been playing with my setup and something I did resolved the slowness of DHCP. I believe it was because the DHCP range was pushing out 192.168.22.0 has an IP address. I changed the first IP to 192.168.22.1 and it works like I would expect it too.
This is the current configuration of Site B Cisco 2960, in regards to the Port-Channel between sites:
!
interface Port-channel1
description EtherChannel for Wireless Radios
!
interface GigabitEthernet0/23
description Tsunami 54 Link
media-type sfp
duplex full
channel-group 1 mode desirable non-silent
!
interface GigabitEthernet0/24
description Tsunami 45 Link
media-type sfp
duplex full
channel-group 1 mode desirable non-silent
Site-Map.pdf
So what you're saying is that I need to setup the 3560 & 2960 to have the Port-Channel as the trunk between the switches. Can you help me walk through this? I physically can't do it right now thought, but would like to have a better grasp of the command needed to do it.
I've been playing with my setup and something I did resolved the slowness of DHCP. I believe it was because the DHCP range was pushing out 192.168.22.0 has an IP address. I changed the first IP to 192.168.22.1 and it works like I would expect it too.
This is the current configuration of Site B Cisco 2960, in regards to the Port-Channel between sites:
!
interface Port-channel1
description EtherChannel for Wireless Radios
!
interface GigabitEthernet0/23
description Tsunami 54 Link
media-type sfp
duplex full
channel-group 1 mode desirable non-silent
!
interface GigabitEthernet0/24
description Tsunami 45 Link
media-type sfp
duplex full
channel-group 1 mode desirable non-silent
Site-Map.pdf
ASKER
Although I solved my specific problem on my own. Brooklyn Shogun was helpful, so I'm awarding the points to him.
You should set up a trunk between the 2 switches.
setup encapsulation on the trunk ( normaly between 2 cisco's dot 802.1Q
Hope it helps