Switch 4500 VLan

Unanswered Question
Feb 5th, 2009
User Badges:

i face a problem with the VLAN , i try to create more than one VLAN and there is a Microsoft DHCP server to provide the IP address , i create the vlan and there is a ping between the vlans on the core switch and i can get an ip address form the dhcp server which is 10.0.12.15 but it didn't work on other vlan and i use ip helper address with no use , but there is something strange happen when i use static ip on a pc on any vlan it can't ping any pc on the native vlan until it ping on it so i clear words i have a native vlan 10.0.12.X and VLAN 4 10.0.3.X i can't ping any pc form vlan 4 to vlan 1 until i do the same form vlan 1 to vlan 4 first then it work , so how can i solve the dhcp problem , with the attached is the configuration , please help



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
andrew.prince@m... Thu, 02/05/2009 - 07:38
User Badges:
  • Green, 3000 points or more

If you want to communicate from a vlan to another vlan you MUST have a layer 3 interface for the VLAN.


From your config - taking vlan 189 for example. Even if you open this interface and put a port into the vlan - the PC will NOT be able to ping or do anything. As the frame is layer 2 with a vlan id of 189. Without a layer 3 interface IP will not work - you need a layer 3 interface to break out the layer 2 frame.


From you config - which vlan is not getting a DHCP IP address from your DHCP server?

wfares@gce.com.jo Thu, 02/05/2009 - 07:42
User Badges:

all vlans didnt get an ip address fornt eh dhcp server except it works with the native vlan 10.0.12.2 but as i think the 4500 switch is a layer 3 device so it can route between the vlans

andrew.prince@m... Thu, 02/05/2009 - 07:56
User Badges:
  • Green, 3000 points or more

OK - have you defined the scopes in the DHCP server in the correct range?


The VLAN interface has to have an IP address.


An example would be:-


The DHCP server 192.168.1.1



int vlan 1

ip address 192.168.1.254 - native vlan


int vlan 33 - frames tagged with vlan id 33

ip address 192.168.33.254

ip helper-address 192.168.1.254

!

int vlan 66 - frames tagged with vlan id 66

ip address 192.168.66.254

p helper-address 192.168.1.254

!

int vlan 99 - frames tagged with vlan id 99

ip address 192.168.99.254

ip helper-address 192.168.1.254


When a device on vlan 66 requests an IP address via DHCP, the vlan interface will receive it (as it's a broadcast)

and the forward it on, acting as a "proxy". the DHCP server will recevie a request for an IP address from 192.168.66.254

then reply with an IP address out of the scope of address 192.168.66.x - a simple breakdown and explaination.


HTH>

wfares@gce.com.jo Thu, 02/05/2009 - 08:04
User Badges:

so if i do the the following will it work or not the dhcp server ip address is 10.0.12.15 if i use for the helper address dose it work or i have to use the ip address of the native vlan which is 10.0.12.2 as an helper address

andrew.prince@m... Thu, 02/05/2009 - 08:14
User Badges:
  • Green, 3000 points or more

Add the below to each VLAN layer 3 interface that you want machines in the VLAN to get an IP address from the DHCP server:-


int vlan xxx

ip helper-address 10.0.12.15


The DHCP server MUST have a scope of addresses that MATCHES the IP address of the VLAN Layer 3 interface IP.


HTH>

wfares@gce.com.jo Thu, 02/05/2009 - 11:48
User Badges:

so as i have understnad if i create a dhcp scop 10.0.3.x and creat a vlan 4 with ip addrees 10.0.3.1 will not work the vlan ID must match the scop like


vlan 3 10.0.3.x /24

vlan 4 10.0.4.x /24

andrew.prince@m... Thu, 02/05/2009 - 12:12
User Badges:
  • Green, 3000 points or more

NO - the VLAN IP addresses MUST match the scope in your example:-


vlan 3 - 10.0.3.x/24 = scope 10.0.3.x/24


vlan 4 - 10.0.4.x/24 = scope 10.0.4.x/24


if you wanted to allocate 10.0.3/4 in a scope then you would have:-


vlan3 - 10.0.3.x/23 = scope 10.0.3.1 <> 10.0.4.254/23


This is basic IP subnetting & VLSM.

HTH>

wfares@gce.com.jo Sun, 02/08/2009 - 03:48
User Badges:

well after trying everything i get the following

1- When i use a client on the same VLAN as the DHCP server it work great without any problem


2 - when i use the same pc on another vlan and use a static IP address it work and ping between the two vlan great


3 - but when i use the same pc with dhcp on the other vlan it didn't work i try to debug the dhcp traffic and it give me as in the attached file so where will be the problem now , can u help




andrew.prince@m... Sun, 02/08/2009 - 04:16
User Badges:
  • Green, 3000 points or more

The switch is passing on the DHCP request - the server is responding with an IP address for the machine = all looks OK.


Post the config of the core switch - remove any sensitive information (passwords etc)

wfares@gce.com.jo Sun, 02/08/2009 - 04:19
User Badges:

dose the ip route has any relation in this because i didn't use it i delete the ip route and the default gateway

andrew.prince@m... Sun, 02/08/2009 - 04:25
User Badges:
  • Green, 3000 points or more

Let me ask you:-


What does an IP route do?

What does a default route do?


Then you decide if you need them on a core switch that has layer 3 interfaces that connect directly to VLAN 1 that has the DHCP server connected, another VLAN that has a PC directly connected.

Actions

This Discussion