Help with VLAN's
I am having a bit of trouble implementing VLAN's across my environment and could use some advice, as I am running out of ideas. I have a L3 switch handling interVLAN routing. All other switches have the L3 switch set as the default gateway. The default gateway for the L3 switch is my firewall router.
I have 19 VLAN's: 1,10,11,20,21,30,31,40,41,
The firewall has routing statements for all VLAN's pointing to the L3 switch as the gateway for each VLAN.
Here's a diagram of the logical network topology:
Basically each site has its own switch, and will have its own data vlan and voice vlan. The DHCP server should serve DHCP to all VLAN's.
Hosts on S2 and S3 get IP addresses from DHCP on VLAN's 10 and 11(switchport set to access), however none of the other sites are getting IP's on any VLAN besides VLAN 1. Most of the L2 switches are Cisco small business 200 series switches, and do not support IP helper command. I thought as long as the L3 switch was the default gateway, it could forward DHCP requests to the DHCP server, am I wrong?
I have 19 VLAN's: 1,10,11,20,21,30,31,40,41,
The firewall has routing statements for all VLAN's pointing to the L3 switch as the gateway for each VLAN.
Here's a diagram of the logical network topology:
Basically each site has its own switch, and will have its own data vlan and voice vlan. The DHCP server should serve DHCP to all VLAN's.
Hosts on S2 and S3 get IP addresses from DHCP on VLAN's 10 and 11(switchport set to access), however none of the other sites are getting IP's on any VLAN besides VLAN 1. Most of the L2 switches are Cisco small business 200 series switches, and do not support IP helper command. I thought as long as the L3 switch was the default gateway, it could forward DHCP requests to the DHCP server, am I wrong?
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
It looks like I did have that setup already. Here is a screenshot of the DHCP interface settings:
Is it pointing to the correct IP address?
Can you post the CLI config?
Can you post the CLI config?
ASKER
SW1#sh run
config-file-header
SW1
v1.2.9.44 / R750_NIK_1_2_584_002
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
spanning-tree priority 0
vlan database
vlan 10-11,20-21,30-31,40-41,50-51,60-61,70-71,80-81
exit
voice vlan vpt 6
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
voice vlan oui-table add 08000f Mitel_phone_________
no ip arp proxy disable
ip dhcp relay address 192.168.0.3
ip dhcp relay enable
ip dhcp information option
no boot host auto-config
bonjour interface range vlan 1
hostname SW1
username admin password encrypted *** privi
lege 15
username cisco password encrypted **** privi
lege 15
encrypted ip ssh-client password ****
snmp-server server
snmp-server location "City Hall"
snmp-server contact *******
clock timezone AST -9
clock summer-time web recurring usa
ip domain name CITY
ip name-server 192.168.0.3 192.168.0.4 192.168.0.56
ip host TRUULI 192.168.0.4
ip host ALYESKA 192.168.0.3
ip telnet server
!
interface vlan 1
ip address 192.168.0.15 255.255.255.0
no ip address dhcp
ip dhcp relay enable
!
interface vlan 10
name CH_DATA
ip address 10.0.10.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 11
name CH_VOICE
ip address 10.0.11.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 20
name SC_DATA
ip address 10.0.20.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 21
name SC_VOICE
ip address 10.0.21.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 30
name PD_DATA
ip address 10.0.30.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 31
name PD_VOICE
ip address 10.0.31.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 40
name LB_DATA
ip address 10.0.40.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 41
name LB_VOICE
ip address 10.0.41.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 50
name WW_DATA
ip address 10.0.50.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 51
name WW_VOICE
ip address 10.0.51.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 60
name AC_DATA
ip address 10.0.60.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 61
name AC_VOICE
ip address 10.0.61.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 70
name SM_DATA
ip address 10.0.70.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 71
name SM_VOICE
ip address 10.0.71.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 80
name MS_DATA
ip address 10.0.80.15 255.255.255.0
ip dhcp relay enable
!
interface vlan 81
name MS_VOICE
ip address 10.0.81.15 255.255.255.0
ip dhcp relay enable
!
interface gigabitethernet1
channel-group 2 mode auto
switchport mode access
!
interface gigabitethernet2
channel-group 2 mode auto
switchport mode access
!
interface gigabitethernet4
switchport mode access
!
interface gigabitethernet5
switchport mode access
!
interface gigabitethernet6
switchport mode access
!
interface gigabitethernet7
switchport mode access
!
interface gigabitethernet8
switchport mode access
!
interface gigabitethernet9
switchport mode access
!
interface gigabitethernet10
switchport mode access
!
interface gigabitethernet11
switchport mode access
!
interface gigabitethernet12
switchport mode access
!
interface gigabitethernet13
switchport mode access
!
interface gigabitethernet14
switchport mode access
!
interface gigabitethernet15
switchport mode access
!
interface gigabitethernet16
switchport mode access
!
interface gigabitethernet17
switchport mode access
!
interface gigabitethernet18
switchport mode access
!
interface gigabitethernet19
switchport mode access
!
interface gigabitethernet20
switchport mode access
!
interface gigabitethernet21
switchport mode access
switchport access vlan 10
!
interface gigabitethernet22
switchport mode access
!
interface gigabitethernet23
switchport mode access
!
interface gigabitethernet24
switchport mode access
!
interface gigabitethernet25
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 10-11,20-21,30-31,40-41,50-51
switchport trunk allowed vlan add 60-61,70-71,80-81
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface gigabitethernet26
switchport trunk allowed vlan add 10-11,20-21,30-31,40-41,50-51
switchport trunk allowed vlan add 60-61,70-71,80-81
!
interface gigabitethernet27
switchport mode access
!
interface gigabitethernet28
switchport mode access
!
interface gigabitethernet29
switchport mode access
!
interface gigabitethernet30
switchport mode access
!
interface gigabitethernet31
switchport mode access
!
interface gigabitethernet32
switchport mode access
!
interface gigabitethernet33
switchport mode access
!
interface gigabitethernet34
switchport mode access
!
interface gigabitethernet35
switchport mode access
!
interface gigabitethernet36
switchport mode access
!
interface gigabitethernet37
switchport mode access
!
interface gigabitethernet38
switchport mode access
!
interface gigabitethernet39
switchport mode access
!
interface gigabitethernet40
switchport mode access
!
interface gigabitethernet41
switchport mode access
!
interface gigabitethernet42
switchport mode access
!
interface gigabitethernet43
switchport mode access
!
interface gigabitethernet44
switchport mode access
!
interface gigabitethernet45
switchport mode access
!
interface gigabitethernet46
switchport mode access
!
interface gigabitethernet47
switchport mode access
!
interface gigabitethernet48
switchport mode access
!
interface gigabitethernet49
channel-group 1 mode auto
switchport mode access
!
interface gigabitethernet50
channel-group 1 mode auto
switchport mode access
!
interface gigabitethernet51
switchport mode access
!
interface gigabitethernet52
switchport mode access
!
interface Port-channel1
description LAG1
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 10-11,20-21,30-31,40-41,50-51
switchport trunk allowed vlan add 60-61,70-71,80-81
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface Port-channel2
description LAG2
switchport trunk allowed vlan add 10-11,20-21,30-31,40-41,50-51
switchport trunk allowed vlan add 60-61,70-71,80-81
!
ip helper-address 192.168.0.1 192.168.0.3 37 42 49 53 137 138
ip helper-address all 192.168.0.3 37 42 49 53 137 138
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ASKER
DHCP server is 192.168.0.3
Nope. No helper addresses on the interfaces.
Go to each interface and issue the command:
ip helper-address 192.168.0.3
Go to each interface and issue the command:
ip helper-address 192.168.0.3
ASKER
On the VLAN interfaces or on the actual port interfaces?
I entered that command on each vlan interface but it does not reflect it in the config, still shows the same as before:
I entered that command on each vlan interface but it does not reflect it in the config, still shows the same as before:
!
interface vlan 10
name CH_DATA
ip address 10.0.10.15 255.255.255.0
ip dhcp relay enable
!
On the VLAN interfaces.
ASKER
Okay I did that - I am curious as to why the config did not change, still shows same thing under VLAN interfaces.
I should mention my switch wanted two dhcp server addresses, it would not let me enter only one, so I entered the same ip twice, e.g: ip helper-address 192.168.0.3 192.168.0.3
I should mention my switch wanted two dhcp server addresses, it would not let me enter only one, so I entered the same ip twice, e.g: ip helper-address 192.168.0.3 192.168.0.3
Could be the presence of the relay command. Try removing the "ip dhcp relay enable" and then apply the helper address.
ASKER
Hosts connected to S2, S3 and S4 get DHCP on VLAN's 10 and 11. These are switches directly connected to S1 which performs the routing and DHCP relay. The relay must be working for these hosts to get DHCP.
However, hosts on any of the switches in the TLS cloud, which are not directly connected (although they are logically), do not get DHCP on VLAN's 10 and 11. This makes me wonder if it has something to do with the TLS connections. Thoughts?
However, hosts on any of the switches in the TLS cloud, which are not directly connected (although they are logically), do not get DHCP on VLAN's 10 and 11. This makes me wonder if it has something to do with the TLS connections. Thoughts?
ASKER
I just had a thought - I will check that dhcp relay is applied to the LAG's as well.
ASKER
It wasn't applied to the LAG's. It is now, I will test soon.
ASKER
Got sidetracked with other projects; I will test this again today
ASKER
Testing was unsuccessful. Any other ideas why VLAN communication is not working?
ASKER
Turns out the TLS was the issue; the current L2 network does not pass VLAN traffic.
ASKER
Giving you the points on this since you helped, thanks!
Networking
Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.
102K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER