Link to home
Start Free TrialLog in
Avatar of Damian Gardner
Damian Gardner

asked on

DHCP for a new, 2nd subnet

Hello - we currently have a class C subnet on VLAN 1 over our Cisco switch stack.  We are running out of IP's, so we have added a 2nd VLAN 2 and confirmed thru Cisco support that the 2 VLANs are able to talk to each other now.  My question is how do I properly add the 2nd subnet scope on our DHCP server so that the new address can be assigned to clients in need?  I have created a new scope, but it does not seem to work on a test client that is connected to a switch port that is set to "VLAN 2".  the client only works with a static "VLAN 2 address".  Thanks for your help.
Avatar of Member_2_760301
Member_2_760301
Flag of Ireland image

Hi,

Is the DHCP server on the Cisco Switch?
You need to implement DHCP Relaying and the configuration depends on how to this depending on what is hosting the DHCP server.

If you are using CISCO, you need to create Switch Virtual Interface – SVI on each vlan as your next step ... have a look at this: https://supportforums.cisco.com/discussion/12023411/how-do-i-make-windows-dhcp-work-vlans

If you are using Windows ... have a look at this: https://community.spiceworks.com/topic/123943-multiple-vlan-s-using-a-single-dhcp-server-via-dhcp-relay-agent
Avatar of Matty-CT
Matty-CT

I can't comment on the advice above but only give advice based upon solutions I've implemented for my customers. What you need to read up on is the "IP helper" command. Basically it is a statement in the VLAN config for the switch telling the switch that DHCP requests for the subnet on VLAN2 should be passed on to the DHCP server on VLAN1.

On the VLAN1 DHCP server you create a new scope with the IP pool and settings for VLAN2. With the IP Helper command properly implemented, devices on VLAN2 requesting DHCP lease will have their requests passed on to the server on VLAN1. It's really quite easy once you know the proper commands and have the switch configured properly. If you're comfortable with VLAN configuration and basic routing configurations this shouldn't be a problem for you to bang out.

I'm a ProCurve "guy" so the syntax might be slightly different but the result is the same.

Matt
ASKER CERTIFIED SOLUTION
Avatar of Matty-CT
Matty-CT

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Damian Gardner

ASKER

Thanks for everyone's input.  The DHCP server is not on the switch - it's on a Windows server in the VLAN 1 subnet.  A question I have is how is the 2nd subnet scope I've created (192.168.2.x) associated with the VLAN 2?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hi Damian,

That's exactly what I was saying. In my config statement 10.0.1.10 is the IP address of a DHCP server, not anything configured on the switch. In fact, at one of my customer's office this is exactly what happens. Windows devices on VLAN2 get their IP addresses from the Windows 2012 DHCP server residing on VLAN1 with IP address 10.0.1.10. The IP Helper command on the VLAN2 interface tells the switch to forward DHCP requests for VLAN2 to the DHCP server listed. Anyway, good luck.

Matt
sorry for my delay, everyone - too much going on here these days.

Matt - ok yeah, you're right.  I was able to use the ip helper command (with a Cisco engineers help) to relay the DHCP requests between the vlans.  I think everyone made accurate points, so thanks to MasnRock and others for your help.  I'm 90% now - after several hours on the phone with Cisco in order to get the VLANS talking to each other, and then creating a superscope on the DHCP server, my test client is now receiving an IP address from the 2nd scope.  Only problem now, is it does not get out to the Internet for some reason.  I'm waiting for Cisco to reconnect and take a look to see why.  If anyone has any idea, let me know.  But the DHCP element is working - thanks!
I would just be asking whether you have the appropriate routes for the second VLAN defined. That's the most likely culprit. Can you ping things on the internet from the second VLAN?
Glad to hear that you're making progress. I would think that if the devices can ping each other across the vlan interfaces then it is most likely an issue with the the default gateway defined in the DHCP scope options. Anyway, don't let my 'level 2' 'buck private' status fool you; I've been doing this for 25 years but don't have much spare time for this site. I hope you get it all sorted out!
Masnrock - I'll have the Cisco engineer check the routes - he's calling me tonight.

Matty - thanks for the well wishes :)

I'm out tomorrow, but will update you guys soon.

Thanks!
Thanks for your help guys.  Cisco resolved it.  Two of their specialists colluded for 30 minutes on the ASA and figured out the routing iussues.  It was all Greek to me though.  thanks for your help!