• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4061
  • Last Modified:

DHCP relay configuration in Windows 2012 for multiple VLANs

Have several VLANs setup on a Cisco L3 switch.  Enabled DHCP relay agent on the switch for the following VLANs.  Have a Windows 2012 server that I want to use as my DHCP server.  Installed and enabled DHCP relay agent on the server.  Created scopes, but can only get computers which are on the same VLAN as the server get IP's.
VLAN20  ==>   10.10.20.1
VLAN30 ==>    10.10.30.1
VLAN50 ==>    10.10.50.1

Windows 2012 server = 10.10.50.240
Guessing there may be more configuration needed.
0
Webcc
Asked:
Webcc
  • 7
  • 4
  • 2
2 Solutions
 
InfamusCommented:
you have to add the following statement to each vlan interface.

ip helper-address 10.10.5.240
0
 
InfamusCommented:
config t
interface vlan 20
ip helper-address 10.10.5.240
exit

interface vlan 30
ip helper-address 10.10.5.240
exit

interface vlan 50
ip helper-address 10.10.5.240
exit
exit
wr mem
0
 
WebccAuthor Commented:
This the configuration of the SG300 switch.  The relay address appears to be a global option.  No options to specifically set an address only enable relay or disable.  Thought I had it working at one time, but starting messing with the MAC allow list on the DHCP server.  Have disable that and removed any policies configured.  Deleted scopes and rebuilt, stopped and started dhcp server still no go!

ip dhcp relay address 10.10.50.240
ip dhcp relay enable

interface vlan 20
 name Public
 ip address 10.10.20.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 30
 name Video
 ip address 10.10.30.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 50
 name Shared
 ip address 10.10.50.1 255.255.255.0
!ip dhcp relay enable
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
InfamusCommented:
Are you able to ping one vlan to another?  (asking if ip routing is enabled)

You don't have ip helper-address command available?
0
 
WebccAuthor Commented:
Yes IP routing is enabled and I can ping, interVlan communications is working fine. Can ping the dhcp server from VLAN20 or 30. Able to set statics and everything is good.  Just tried setting -  ip helper-address any 10.10.50.240, still not working.
Is there anything on the server that needs to be configured?  As I said I have the relay agent running on the server as well.
 Here's the config:


CCSCO1
v1.2.9.44 / R750_NIK_1_2_584_002
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10,20,30,50
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp relay address 10.10.50.240
ip dhcp relay enable
ip dhcp information option
bonjour interface range vlan 1
hostname CCSCO1
username cisco password encrypted 9efdc8d527563682731724691b4fbde146005082 privilege 15
username webcc password encrypted 9efdc8d527563682731724691b4fbde146005082 privilege 15
ip ssh server
ip ssh pubkey-auth
ip ssh-client server authentication
clock timezone " " -6
clock summer-time web recurring usa
clock source sntp
!
interface vlan 1
 ip address 192.168.1.1 255.255.255.0
 no ip address dhcp
!
interface vlan 10
 name Private
 ip address 192.168.44.1 255.255.255.0
!
interface vlan 20
 name Public
 ip address 10.10.20.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 30
 name Video
 ip address 10.10.30.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 50
 name Shared
 ip address 10.10.50.1 255.255.255.0
 ip dhcp relay enable
!
interface gigabitethernet1
 switchport mode access
!
interface gigabitethernet2
 switchport mode access
 switchport access vlan 10
!
interface gigabitethernet3
 switchport mode access
 switchport access vlan 10
!
interface gigabitethernet4
 switchport mode access
 switchport access vlan 10
!
interface gigabitethernet5
 switchport mode access
 switchport access vlan 10
!
interface gigabitethernet6
 switchport mode access
 switchport access vlan 10
!
interface gigabitethernet7
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet8
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet9
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet10
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet11
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet12
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet13
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet14
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet15
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet16
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet17
 switchport mode access
 switchport access vlan 20
!
interface gigabitethernet18
 switchport mode access
 switchport access vlan 30
!
interface gigabitethernet19
 switchport mode access
 switchport access vlan 30
!
interface gigabitethernet20
 switchport mode access
 switchport access vlan 30
!
interface gigabitethernet21
 switchport mode access
 switchport access vlan 30
!
interface gigabitethernet22
 switchport mode access
 switchport access vlan 30
!
interface gigabitethernet23
 switchport mode access
 switchport access vlan 50
!
interface gigabitethernet24
 switchport mode access
 switchport access vlan 50
!
interface gigabitethernet25
 switchport mode access
 switchport access vlan 50
!
interface gigabitethernet26
 switchport mode access
!
interface gigabitethernet27
 switchport mode access
!
interface gigabitethernet28
 switchport mode access
!
ip helper-address all 10.10.50.240 37 42 49 53 137 138
ip route 0.0.0.0 0.0.0.0 192.168.1.2
snmp-server set  rlSshServerEnablePublicKeyAuthAutoLogin rlSshServerEnablePublicKeyAuthAutoLogin enable
snmp-server set  rlSshServerEnablePasswordAuthentication rlSshServerEnablePasswordAuthentication enable
0
 
InfamusCommented:
I would try to remove ip relay on the vlan interface and use ip helper-address instead and see what happens.  Since you have ip routing enabled, it should work.

If not, we can start troubleshooting what's going on.

I prefer using ip helper rather than using ip relay.
0
 
WebccAuthor Commented:
Well I decided to reboot the server and like magic everything started working again.   Something must have been hung, no event logs.  Tried removing ip relay and leaving the helper but it wouldn't work.  Had to put the relays back and I removed the helper -everything is good.  Might be a SG300 thing.  Thanks for the help!
0
 
InfamusCommented:
i'm glad it's working now.  However you might consider this.

ip helper-address and dhcp relay are not the same and there are significant differences.

 
ip helper-address does much more than just DHCP. By default ip helper-address will forward broadcasts for these protocols: UDP 69 (TFTP), UDP 53 (DNS), UDP 37 (time service), UDP 137 (NetBIOS Name Server), UDP 138 (NetBIOS Datagram Server), UDP 67 and 68 (BOOTP client and server/DHCP), UDP 49 (TACACS), and UDP 116 (Name Service). Additional protocols can be enabled for forwarding using the command ip forward-protocol.

 
for DHCP ip helper-address will take the DHCP request from the client and forward it (unchanged) to the DHCP server. DHCP relay the router receives the DHCP request from the client and builds a new request to send to the server (which gives the router an opportunity to add information in the request about the router).
0
 
WebccAuthor Commented:
So I should try to get the helper service working or at least make sure it is running in addition to the relay?  Did not work for DHCP requests on it's own.
0
 
Craig BeckCommented:
Just something to note, but I'd remove the DHCP relay service from the Windows server.  You only need the DHCP relay on the Windows server if you want to 'relay' DHCP requests through it - not to it.
0
 
InfamusCommented:
If this is production and everything is working, I would just leave it as is for now and plan on using ip dhcp helper on your maintenance window.
0
 
Craig BeckCommented:
I agree with that - I'm just talking about removing it from the server.  It'll never be used but could cause issues.
0
 
InfamusCommented:
And yes, you are right craig.

I would remove that as well.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 7
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now