Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DHCP Crossing VLANS!?!?

Problem: We have a lab router (2620) on the outside of our local LAN. The router is set up do give public IP's. It is connected to the local LAN by a VLAN (island). A few days ago we had a hand full of user on a completely separate internal VLAN pull IP's from this "external" router. We shut down the port while we looked in to it. We found nothing that would elude to this being able to happen. We re-enabled the port and haven't had any more issues. So I was hoping someone could enlighten me on what might have taken place.


Re: DHCP Crossing VLANS!?!?

Do you have ANY possible physical path from that interface to the vlan where the users are? Could someone have inadvertently cross-connected something unintentionally or other (even as a test)? You can forward IP requests that would cross VLAN boundaries via DHCP helper-address, but it will still only provide IP addresses suitable for the interface (and ANY interface) physically connected to the users' VLAN or physical segment.

I have seen users connect a linksys router onto a network, and the linksys will then provide bogus addresses for the network; but that's perfectly explainable, as it's effectively a DHCP server directly connected.

CreatePlease login to create content