Switch 4500 VLan

Unanswered Question
Feb 5th, 2009

i face a problem with the VLAN , i try to create more than one VLAN and there is a Microsoft DHCP server to provide the IP address , i create the vlan and there is a ping between the vlans on the core switch and i can get an ip address form the dhcp server which is but it didn't work on other vlan and i use ip helper address with no use , but there is something strange happen when i use static ip on a pc on any vlan it can't ping any pc on the native vlan until it ping on it so i clear words i have a native vlan 10.0.12.X and VLAN 4 10.0.3.X i can't ping any pc form vlan 4 to vlan 1 until i do the same form vlan 1 to vlan 4 first then it work , so how can i solve the dhcp problem , with the attached is the configuration , please help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
andrew.prince@m... Thu, 02/05/2009 - 07:38

If you want to communicate from a vlan to another vlan you MUST have a layer 3 interface for the VLAN.

From your config - taking vlan 189 for example. Even if you open this interface and put a port into the vlan - the PC will NOT be able to ping or do anything. As the frame is layer 2 with a vlan id of 189. Without a layer 3 interface IP will not work - you need a layer 3 interface to break out the layer 2 frame.

From you config - which vlan is not getting a DHCP IP address from your DHCP server?

wfares@gce.com.jo Thu, 02/05/2009 - 07:42

all vlans didnt get an ip address fornt eh dhcp server except it works with the native vlan but as i think the 4500 switch is a layer 3 device so it can route between the vlans

andrew.prince@m... Thu, 02/05/2009 - 07:56

OK - have you defined the scopes in the DHCP server in the correct range?

The VLAN interface has to have an IP address.

An example would be:-

The DHCP server

int vlan 1

ip address - native vlan

int vlan 33 - frames tagged with vlan id 33

ip address

ip helper-address


int vlan 66 - frames tagged with vlan id 66

ip address

p helper-address


int vlan 99 - frames tagged with vlan id 99

ip address

ip helper-address

When a device on vlan 66 requests an IP address via DHCP, the vlan interface will receive it (as it's a broadcast)

and the forward it on, acting as a "proxy". the DHCP server will recevie a request for an IP address from

then reply with an IP address out of the scope of address 192.168.66.x - a simple breakdown and explaination.


wfares@gce.com.jo Thu, 02/05/2009 - 08:04

so if i do the the following will it work or not the dhcp server ip address is if i use for the helper address dose it work or i have to use the ip address of the native vlan which is as an helper address

andrew.prince@m... Thu, 02/05/2009 - 08:14

Add the below to each VLAN layer 3 interface that you want machines in the VLAN to get an IP address from the DHCP server:-

int vlan xxx

ip helper-address

The DHCP server MUST have a scope of addresses that MATCHES the IP address of the VLAN Layer 3 interface IP.


wfares@gce.com.jo Thu, 02/05/2009 - 11:48

so as i have understnad if i create a dhcp scop 10.0.3.x and creat a vlan 4 with ip addrees will not work the vlan ID must match the scop like

vlan 3 10.0.3.x /24

vlan 4 10.0.4.x /24

andrew.prince@m... Thu, 02/05/2009 - 12:12

NO - the VLAN IP addresses MUST match the scope in your example:-

vlan 3 - 10.0.3.x/24 = scope 10.0.3.x/24

vlan 4 - 10.0.4.x/24 = scope 10.0.4.x/24

if you wanted to allocate 10.0.3/4 in a scope then you would have:-

vlan3 - 10.0.3.x/23 = scope <>

This is basic IP subnetting & VLSM.


wfares@gce.com.jo Sun, 02/08/2009 - 03:48

well after trying everything i get the following

1- When i use a client on the same VLAN as the DHCP server it work great without any problem

2 - when i use the same pc on another vlan and use a static IP address it work and ping between the two vlan great

3 - but when i use the same pc with dhcp on the other vlan it didn't work i try to debug the dhcp traffic and it give me as in the attached file so where will be the problem now , can u help

andrew.prince@m... Sun, 02/08/2009 - 04:16

The switch is passing on the DHCP request - the server is responding with an IP address for the machine = all looks OK.

Post the config of the core switch - remove any sensitive information (passwords etc)

wfares@gce.com.jo Sun, 02/08/2009 - 04:19

dose the ip route has any relation in this because i didn't use it i delete the ip route and the default gateway

andrew.prince@m... Sun, 02/08/2009 - 04:25

Let me ask you:-

What does an IP route do?

What does a default route do?

Then you decide if you need them on a core switch that has layer 3 interfaces that connect directly to VLAN 1 that has the DHCP server connected, another VLAN that has a PC directly connected.


This Discussion