3650 routiing help

Unanswered Question
Jun 7th, 2007

I have an network that has 172.17.0.x as the main backbone, and I have a couple of buildings that I need to have DHCP client PCs installed. I have a 3650 to use for the building and everything on the backbone is statically routed.

I would like to have DHCP within the building on the switch lets say 10.10.1.x.

I have the switch doing DHCP for 10.10.1.x with a gateway of 10.10.1.1.

I am not sure how to ge the routing side of the switch to make the connection.

Any help would be appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mohammedmahmoud Thu, 06/07/2007 - 21:34

Hi,

The Cisco 3650 is a L3 switch, it will be able to do the inter-VLAN routing for you, you should have 2 SVI interfaces (VLAN interfaces) one for each IP subnet, and each host that belong to each of the VLANs should have the ip address of the VLAN interface as its default gateway, and the routing will be done with no static routes on the switch as both interfaces are directly connected to the L3 switch (if your VLANs are spanned over more than one switch you'll need static routing between them), your configuration should look something like this:

ip routing

interface VLAN x

ip address 10.10.1.1 255.255.255.0

ip dhcp excluded-address 10.10.1.1

ip dhcp pool Clients

network 10.10.1.0 /24

domain-name

default-router 10.10.1.1

dns-server - up to 8

netbios-name-server - up to 8

netbios-node-type

lease {days [hours][minutes] | infinite}

You can use only the DHCP options that you need:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75c.html

And you should have the other network on another VLAN as follows:

interface VLAN y

ip address 172.17.0.1 255.255.255.0

I hope that i've been informative.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

tgatton Sun, 06/10/2007 - 13:01

Since the 17.0.x.x side is statically connected do I need to assign a specific interface an address on that side?

mohammedmahmoud Sun, 06/10/2007 - 13:25

Hi,

Yes, as a best practice each IP subnet should be assigned to a separate VLAN and each one should have a SVI interface (interface VLAN) to be able to route between them, or if there is already layer 3 interface and routing for the 172 subnet then no need for an SVI interface.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

tgatton Mon, 06/11/2007 - 10:47

I have the DHCP woorking however it seems that I cannot get the IP routing to 17 network going. I have tried several things however I am not being sucsessful. Please help me understand what I am missing. Below is a copy of the config file and any help would be GREATLY appreciated.

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname library

!

enable secret 5 $1$o831$EVDBE8ryFhlJ/d0etHgrX0

enable password plymouth

!

no aaa new-model

ip subnet-zero

ip routing

ip name-server 172.17.0.4

ip name-server 172.17.0.5

ip dhcp excluded-address 10.10.1.1

!

ip dhcp pool lib-1

import all

network 10.10.1.0 255.255.255.0

default-router 10.10.1.1

dns-server 172.17.0.4 172.17.0.5

!

ip dhcp-server 10.10.1.1

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

interface FastEthernet0/1

switchport access vlan 3

!

interface FastEthernet0/2

switchport access vlan 2

!

interface FastEthernet0/3

switchport access vlan 2

!

interface FastEthernet0/4

switchport access vlan 2

!

interface FastEthernet0/5

switchport access vlan 2

!

interface FastEthernet0/6

switchport access vlan 2

!

interface FastEthernet0/7

switchport access vlan 2

!

interface FastEthernet0/8

switchport access vlan 2

!

interface FastEthernet0/9

switchport access vlan 2

!

interface FastEthernet0/10

switchport access vlan 2

!

interface FastEthernet0/11

switchport access vlan 2

!

interface FastEthernet0/12

switchport access vlan 2

!

interface FastEthernet0/13

switchport access vlan 2

!

interface FastEthernet0/14

switchport access vlan 2

!

interface FastEthernet0/15

switchport access vlan 2

!

interface FastEthernet0/16

switchport access vlan 2

!

interface FastEthernet0/17

switchport access vlan 2

!

interface FastEthernet0/18

switchport access vlan 2

!

interface FastEthernet0/19

switchport access vlan 2

!

interface FastEthernet0/20

switchport access vlan 2

!

interface FastEthernet0/21

switchport access vlan 2

!

interface FastEthernet0/22

switchport access vlan 2

!

interface FastEthernet0/23

switchport access vlan 2

!

interface FastEthernet0/24

switchport access vlan 2

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

shutdown

!

interface Vlan2

ip address 10.10.1.1 255.255.255.0

!

interface Vlan3

ip address 172.17.0.212 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.17.0.1

ip http server

!

!

!

control-plane

!

!

line con 0

line vty 0 4

password plymouth

no login

line vty 5 15

password plymouth

no login

!

!

end

royalblues Mon, 06/11/2007 - 11:03

DO you mean to say that you are not able to communicate between the 10.10 & 172.17 networks.

If the gateway for the 172.17.X.X networks is not the L3, then you would require a reverse on the router/gateway for the 10.10.x.x network

HTH, rate if it does

Narayan

tgatton Mon, 06/11/2007 - 12:46

That is correct.

The main backbone is 172.17.x.x/24. I am trying to get 10.10.1.x on the switch and the outside traffic through the 172.17.x.x network to the outside.

tgatton Mon, 06/11/2007 - 12:49

This is the connection to the 172.17.x.x. So just like a router I thought you make the vlan virtual interface as a regular address then have the default route go to the 0.1 device.

Is that the way to do this config?

tgatton Mon, 06/11/2007 - 12:04

I have the DHCP woorking however it seems that I cannot get the IP routing to 17 network going. I have tried several things however I am not being sucsessful. Please help me understand what I am missing. Below is a copy of the config file and any help would be GREATLY appreciated.

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname library

!

enable secret xxx

enable password plymouth

!

no aaa new-model

ip subnet-zero

ip routing

ip name-server 172.17.0.4

ip name-server 172.17.0.5

ip dhcp excluded-address 10.10.1.1

!

ip dhcp pool lib-1

import all

network 10.10.1.0 255.255.255.0

default-router 10.10.1.1

dns-server 172.17.0.4 172.17.0.5

!

ip dhcp-server 10.10.1.1

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

interface FastEthernet0/1

switchport access vlan 3

!

interface FastEthernet0/2

switchport access vlan 2

!

interface FastEthernet0/3

switchport access vlan 2

!

interface FastEthernet0/4

switchport access vlan 2

!

interface FastEthernet0/5

switchport access vlan 2

!

interface FastEthernet0/6

switchport access vlan 2

!

interface FastEthernet0/7

switchport access vlan 2

!

interface FastEthernet0/8

switchport access vlan 2

!

interface FastEthernet0/9

switchport access vlan 2

!

interface FastEthernet0/10

switchport access vlan 2

!

interface FastEthernet0/11

switchport access vlan 2

!

interface FastEthernet0/12

switchport access vlan 2

!

interface FastEthernet0/13

switchport access vlan 2

!

interface FastEthernet0/14

switchport access vlan 2

!

interface FastEthernet0/15

switchport access vlan 2

!

interface FastEthernet0/16

switchport access vlan 2

!

interface FastEthernet0/17

switchport access vlan 2

!

interface FastEthernet0/18

switchport access vlan 2

!

interface FastEthernet0/19

switchport access vlan 2

!

interface FastEthernet0/20

switchport access vlan 2

!

interface FastEthernet0/21

switchport access vlan 2

!

interface FastEthernet0/22

switchport access vlan 2

!

interface FastEthernet0/23

switchport access vlan 2

!

interface FastEthernet0/24

switchport access vlan 2

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

shutdown

!

interface Vlan2

ip address 10.10.1.1 255.255.255.0

!

interface Vlan3

ip address 172.17.0.212 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.17.0.1

ip http server

!

!

!

control-plane

!

!

line con 0

line vty 0 4

password xx

no login

line vty 5 15

password xx

no login

!

!

end

thotsaphon Mon, 06/11/2007 - 18:43

Hi tgatton.

Do you want 10.10.1.0/24 subnet go to outside through a Cisco2600?

Have you assigned a port that connected to the fiber man with the vlan 3? Please do it.

Could you issue show ip route command on the Cisco2600?

Did the Cisco2600 know about 10.10.1.0/24 subnet or not? If the Cisco2600 didn't know that you need to add this command on it.

Cisco2600(config#ip route 10.10.1.0 255.255.255.0 172.17.0.212

Hope this helps

L.Thot

tgatton Tue, 06/12/2007 - 05:00

Hi, l Thot

Yes there is a route in the 172.17.0.x router to indicate a route as spcified.

So if this is the case is the basic config file one that should work or should I be changing something?

mohammedmahmoud Mon, 06/11/2007 - 22:59

Hi,

As Narayan has suggested this is most probably a reverse route problem on the 2600 (there must be a route back to the 10.10.1.x network), can you make sure, and if you'd like paste the configuration of the 2600.

[edit] sorry Thot, i didn't see your post, but your suggestion is also what we all agree upon, yes you are right.

HTH,

Mohammed Mahmoud.

thotsaphon Tue, 06/12/2007 - 06:21

Hi tgatton.

What is your problem?

A.From 10.10.10.x network can't reach to 172.17.0.1.

B.From 10.10.10.x network can't reach to outside network.

If A:Can you do ping command from clients on 10.10.1.x network to 172.17.0.1? How about?

If it still can't work please show us with the routing table on Cisco2600.

If B:What is meaning of outside network?

If it is internet then you need do nat for 10.10.10.x network.

tgatton Wed, 06/13/2007 - 04:09

Basically, my problem was I posted a config that was not working, and was wondering why it was not working. The config I posted is in the initial postings.

Below is the final config that does work.

Current configuration : 2418 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname blahblahblah

!

enable secret 5

enable password xxxxxxxx

!

username root secret 5

no aaa new-model

ip subnet-zero

ip routing

ip name-server 172.17.0.4

ip name-server 172.17.0.5

ip dhcp excluded-address 10.10.1.1

!

ip dhcp pool lib-1

import all

network 10.10.1.0 255.255.255.0

default-router 10.10.1.1

dns-server 172.17.0.x 172.17.0.x

!

ip dhcp-server 10.10.1.1

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

interface FastEthernet0/1

no switchport

ip address 172.17.0.xxx 255.255.255.0

!

interface FastEthernet0/2

switchport access vlan 2

!

interface FastEthernet0/3

switchport access vlan 2

!

interface FastEthernet0/4

switchport access vlan 2

!

interface FastEthernet0/5

switchport access vlan 2

!

interface FastEthernet0/6

switchport access vlan 2

!

interface FastEthernet0/7

switchport access vlan 2

!

interface FastEthernet0/8

switchport access vlan 2

!

interface FastEthernet0/9

switchport access vlan 2

!

interface FastEthernet0/10

switchport access vlan 2

!

interface FastEthernet0/11

switchport access vlan 2

!

interface FastEthernet0/12

switchport access vlan 2

!

interface FastEthernet0/13

switchport access vlan 2

!

interface FastEthernet0/14

switchport access vlan 2

!

interface FastEthernet0/15

switchport access vlan 2

!

interface FastEthernet0/16

switchport access vlan 2

!

interface FastEthernet0/17

switchport access vlan 2

!

interface FastEthernet0/18

switchport access vlan 2

!

interface FastEthernet0/19

switchport access vlan 2

!

interface FastEthernet0/20

switchport access vlan 2

!

interface FastEthernet0/21

switchport access vlan 2

!

interface FastEthernet0/22

switchport access vlan 2

!

interface FastEthernet0/23

switchport access vlan 2

!

interface FastEthernet0/24

switchport access vlan 2

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

!

interface Vlan2

ip address 10.10.1.1 255.255.255.0

!

interface Vlan3

no ip address

shutdown

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.17.0.1

ip http server

!

!

!

control-plane

!

!

line con 0

line vty 0 4

password xxxxxxxx

no login

line vty 5 15

password xxxxxxxx

no login

!

!

end

Actions

This Discussion