I'm looking for documentation on best practices or recommendations for the following configuration:
Should an 'ip helper-address' command be added to voice vlans on downstream switches? For example, sw-core, sw-dist, and sw-acc are switches in a linear configuration with L2 trunk ports configured between:
let's say that I have access vlan 100 and voice vlan 200 and that ip phones could be connected to any/all of the switches. I have enabled the ip helper-address on [sw-core]. On which downstream switch(es) should I enable the 'ip helper-address' command and why?
Note: the DHCP servers are directly connected to [sw-core].
2nd Note: I have tried both configs (dis/enabling ip helper-address on all downstream switches) and haven't run into any problems, but I just want to make sure that I don't head in the wrong direction in the long run.
I am not clear from your description which switches are operating as layer2/3 switches and which are operating only as layer2 switches. Not knowing that I will answer your question this way: it is essential that every VLAN have at least one layer 3 interface with ip helper-address configured if there is not a DHCP server in that VLAN. Configuration of more than 1 helper-address within the VLAN may give you some redundancy (if the first device with helper-address has a failure, a second device with helper-address provides redundancy - if the second device has a working path to the DHCP server while the first device is in a failed state). Be aware that every device with helper-address configured which sees the DHCP request will forward a copy to the server. So configuring 2 devices with helper address will double the traffic, 3 devices with helper address will triple the traffic, etc.
Given what I think I understand of your network, if the DHCP server is on the core switch, then I would configure helper-address on the core switch and not worry about the other switches.
That mostly answers my question... so, basically, the only downside to having the helper address set on the other switches is that there will be an increase in dhcp discovery packets? Is there anything else that I should be concerned with?
To clarify on the L2/L3 question.. each switch has 3 vlans, vlan100 for data, vlan200 for voice, vlan300 for management (all with IP addresses). Vlan200 on the [sw-core] currently has the ip helper-address setting for the server that resides on vlan100. The switches are interconnected with L2 etherchannel trunks. I am not running VTP (we have few enough switches/vlans) so the default vtp settings remain - i.e, vtp server, no domain, etc.
I am not sure that there are many other issues to be concerned with other than the question of whether you get real advantage from the more complex config. You know your environment much more than I do, so I will ask you this question: if the DHCP is configured on the core switch, and if there were to be a problem on the core switch, would having helper-address configured on the other switches allow you some way to get to the DHCP? If the answer is yes then there is advantage in having helper-address on the other switches. If the answer is no then you are creating more complex config and getting no real advantage for it.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...