DCHP from one VLAN to another using one DHCP Svr?

Answered Question
Mar 1st, 2009

Hello,

I'm working in a home lab with a 2950 switch and a 2611 router. The switch is configured with two VLANs (10 and 20). There is one host connected to a port on VLAN 10 (F0/3). VLAN 20 contains two hosts (F0/5 and F0/7). Switch port F0/15 is connected to the router's e0/0 interface. F0/15 is setup as a trunk port. The router is running IOS c2600-d-mz.121-27b (supports 802.1q).

The host on switch port F0/5 is on the same subnet as F0/7. F0/7 is running a DHCP server. F0/5 gets it IP from the DHCP server. The host on F0/3 VLAN 10 does not have an IP address. I would like this host to receive a different subnet IP address using the DHCP server.

I have two scopes setup on the dhcp server. One for the 192.168.10.0 network and one for 172.16.10.0. Sub interfaces are setup on the e0/0 of the router. Each sub interface is configured with dot1q encapsulation and an IP address for the different subnet. I want the host on switch port F0/3 to recieve and IP address from the 172.16.10 scope.

Note: When I configure the host on F0/3 with an IP address on the 172.16.10.0 network I can ping the other hosts on the 192 network. So, the trunk is working properly. What am I missing?

[Here is snapshot of the running config of the router.]

interface Ethernet0/0

no ip address

!

interface Ethernet0/0.1

encapsulation dot1Q 10

ip address 192.168.10.254 255.255.255.0

ip helper-address 192.168.10.1

!

interface Ethernet0/0.2

encapsulation dot1Q 200

ip address 172.16.10.254 255.255.255.0

ip helper-address 192.168.10.1

[Here is a snapshot of the switch]

interface FastEthernet0/3

switchport access vlan 20

no ip address

duplex full

speed 100

interface FastEthernet0/5

switchport access vlan 10

no ip address

!

interface FastEthernet0/6

switchport access vlan 10

no ip address

!

interface FastEthernet0/7

switchport access vlan 10

no ip address

interface FastEthernet0/15

switchport mode trunk

no ip address

interface Vlan1

no ip address

no ip route-cache

shutdown

!

ip default-gateway 192.168.10.254

Correct Answer by Richard Burts about 7 years 11 months ago

HM

I am glad that it is solved. Yes it is frequently the simplest mistakes that cause the perplexing issues.

If the issue is solved the perhaps you can use the ratint system to indicate that the issue is solved? This would allow other readers in the forum to take advantage of the discussion here.

HTH

Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
glen.grant Sun, 03/01/2009 - 20:05

Turn on portfast on your switchports that pc's will be attached to . Also verify on the switch that the layer 2 vlan was created on the switch with the show vlan command . Also on your subinterface you have "dot1q encapsulation 200" instead of 20 .

hackermuscle Mon, 03/02/2009 - 18:18

Vlan 20 was a typo.

Still no joy with enabling portfast on the host interfaces. Here's the running config from the switch.

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

!

ip subnet-zero

!

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/3

switchport access vlan 200

speed 100

duplex full

spanning-tree portfast

!

!

interface FastEthernet0/5

switchport access vlan 10

spanning-tree portfast

!

!

interface FastEthernet0/7

switchport access vlan 10

spanning-tree portfast

!

!

interface FastEthernet0/15

switchport mode trunk

!

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan10

ip address 192.168.10.30 255.255.255.0

no ip route-cache

!

interface Vlan200

no ip address

no ip route-cache

shutdown

!

Thx

Richard Burts Mon, 03/02/2009 - 20:17

HM (or whoever you are)

Is the device that is running as the DHCP server really on address 192.168.10.1? And if so does it really have an appropriate scope defined for 172.16.10.0?

My guesses are either that the server address does not match the helper address or that its scope is not correctly configured (including the correct default gateway address).

HTH

Rick

hackermuscle Tue, 03/03/2009 - 07:12

Yes. The DHCP server's TCP/IP address is 192.168.10.1. The hosts on VLAN 10 receive IP addresses dynamically from this server without any problem.

I verified the scope this morning. It is a Windows 2003 Server DHCP configuration. Basically, a wizard does all the work for me. :)

Just a reminder. When I configure the host on VLAN 200 with a static IP address 172.16.10.10 for example, I can ping the hosts on the 192 network as well as the 172.16 sub interface on the router. So, the trunk works.

I don't see any DHCP broadcasts while running Wireshark on the 192.168.10.1 interface when trying to renew address of the host on VLAN 200. The packets don't appear to be making it out of e0/0 on the router.

Is the IP helper-address configuration on the correct interface? e0/0 is not assigned an IP. e0/0.1 is on the 192 net and e0/0.2 is on the 172 network.

Thanks

Richard Burts Tue, 03/03/2009 - 14:15

HM

If the DHCP server address is really 192.168.10.1 then the helper-address is configured correctly.

As for running Wireshark on the 192.168.10.1 interface, you will not see any broadcasts from VLAN 200. What the helper-address configuration does is to receive the broadcast request received by the interface and build a unicast message to the helper address and forward it. So the server will receive these requests from VLAN 200 as unicast and not as broadcast.

Is the scope for 172.16.10.0 set up as a separate scope or is it part of a superscope?

Also I notice in the config that you originally posted that you have configured a helper-address under interface Ethernet0/0.1. Since this is the VLAN/subnet where the DHCP server is located you do not need the helper-address configured on that interface. You only need the helper-address on interfaces which will receive the DHCP broadcast request and need to forward to a remote subnet where the DHCP server is located.

HTH

Rick

hackermuscle Tue, 03/03/2009 - 14:44

Hi Rick,

Understood about the unicast packets. In any case, I don't see any traffic on the DHCP server's interface when updating the host on VLAN 200.

I'm definitely not using a superscope. I know that is where a lot of folks get into trouble.

Yes, I do have the ip helper-address configured on e0/0.1 and e0/0.2 sub interfaces. I will remove the statement from e0/0.1. Do you think this is the cause of the problem?

Thanks

Richard Burts Tue, 03/03/2009 - 15:03

HM

While I would suggest that you remove the helper-address from the e0/0.1 since it is not needed, I do not believe that having it there causes any problem.

Is it possible that the router is configured with no service dhcp?

HTH

Rick

hackermuscle Tue, 03/03/2009 - 16:25

Solved. OMG! It's always the simplest mistakes that cause the biggest issues.

DHCP Scope was 172.16.0.0

e0/0.2 was 172.16.10.0

Duh..

My host received an IP address from the DHCP server on the other VLAN. Yippee.

Thanks for everyone's help on this.

Correct Answer
Richard Burts Tue, 03/03/2009 - 20:21

HM

I am glad that it is solved. Yes it is frequently the simplest mistakes that cause the perplexing issues.

If the issue is solved the perhaps you can use the ratint system to indicate that the issue is solved? This would allow other readers in the forum to take advantage of the discussion here.

HTH

Rick

hackermuscle Mon, 03/02/2009 - 18:35

Switch#show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/4, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gi0/1 Gi0/2

10 VLAN0010 active Fa0/5, Fa0/6, Fa0/7

200 VLAN0200 active Fa0/3

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

Actions

This Discussion