×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Helper Address on a ONLY Layer 2 aware Switch

Unanswered Question
Nov 9th, 2014
User Badges:

Hi, 

     Been scratching my head for a while now, i don't know why a switch even has the " Ip helper address" command, Dosent it need routing to acomplish this kind of a task? 

I have a switch with 2 SVI's, fair enough, one for Vlan 10 and the other for Vlan 20,

 

Vlan 10 = 192.168.10.0/24

Vlan 20 = 192.168.20.0/24

I have a DHCP server on vlan 10, with the IP address 192.168.10.1, Now it has scopes for vlan 20 as well, i go into vlan 20 and do this:

 

# interface vlan 20

# ip address 192.168.20.1 255.255.255.0

#ip helper address 192.168.10.1 

 

Now this should work right? but it dosen't !( Ive seen in Wireshark that it dosent even forward the DISCOVER Message on to SVI 10's Vlan 10 ports) ..But it does work when we configure a DEFAULT GATEWAY for the switch and the DHCP server is on a REMOTE Location where the switch does not have and interface directly connected to! what is this? its like blowing my mind! please elaborate

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Karsten Iwen Mon, 11/10/2014 - 01:42
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, VPN

If it's really a L2-switch, then you shouldn't configure the ip helper on this device. It should be configured on a L3-switch or on a router on the vlan20.

And you can't have more then one SVI active at the same time on a L2-switch, look at "show ip int brief", if vlan20 is up, then vlan10 should be down.

On a L2-switch you only need the "interface vlan" to manage the switch, but the ip-address on the switch should never be used by any client as a gateway.

Ahmed Mukhtar Thu, 11/13/2014 - 03:23
User Badges:

Yes Karsten you are right, without a gateway it dosent work, Thanks for your feedback

devils_advocate Mon, 11/10/2014 - 05:35
User Badges:
  • Gold, 750 points or more
  • Community Spotlight Award,

    Small Business, November 2015

If this is a Layer 2 only switch then I cannot see how a helper address would work.

The SVI's you have created are going to be for management, they cannot be the Default Gateways of the Vlans IF the switch is Layer 2 only.

When your clients send out a DHCPDISCOVER message, that frame will hit the SVI address because its a 'host' on that same vlan that the client is on.

If this were a Layer 3 SVI (i.e on a Layer 3 switch) then it would forward that frame to the helper address configured. In order for the Layer 3 switch to forward the frame, it needs to do a lookup in its routing table for the destination subnet.

This is a layer 2 switch, is has no routing table so will be unable to forward the DHCPDISCOVER message to the helper address.

See here (Peters post) for an explanation of why the Layer 2 switch can act as a DHCP relay if the DHCP server is on a remote subnet:

https://supportforums.cisco.com/discussion/11385901/does-ip-helper-addre...

Ahmed Mukhtar Thu, 11/13/2014 - 03:25
User Badges:

yup ive looked into Peter's Post and your reply was quite helpful...Thanks!

Actions

This Discussion