Re: implementing VLANs - Page 2

zulqurnain · ‎03-01-2009

Hi Everybody,

I am working on a project which involve creating/implementing VLANs in my organization but I'm a little confuse/messed-up. we have around 10 floors and each flr has 3650-E connected to core 6509-E over fiber, our internal subnet through out is 172.20.0.0/16.

What I intend to do is to create VLANs per flr and each flr will have it's own subnet e.g. organization subnet is 172.20.0.0/16 so each flr will be 172.16.1.0 - 254/24 respectively.

Now, how do I configure the switches that when the client workstation e.g. on flr 3 request for an IP from dhcp which will be on subnet 172.20.0.0/16 the workstation should get an IP corresponding to that VLAN i.e. 172.16.3.0/24

I hope my point of view is completely understand and any help would be great

Jon Marshall · ‎03-02-2009

Okay so you have

1) allocated the client port into the correct vlan ie.

int gi0/4

switchport

switchport access vlan 2

2) enabled "ip routing" on the 3560 switch ie.

3560(config)# ip routing

3) Created vlans at Layer 2 on the 3560 ie. "sh vlan" shows all the vlans

4) Created L3 interfaces on the switch ie.

int vlan 2

ip address 172.20.2.254 255.255.255.0

etc...

5) The DHCP server port is allocated to vlan 4 - see 1) for config

6) Under each L3 vlan interface (except 4) you have

int vlan 2

ip helper-address 172.20.4.64

7) You have created the scopes on the DHCP server for each of the vlans

8) Also make sure you enable "portfast" on the client ports ie.

int gi0/4

spanning-tree portfast

Apologies for all the points but it's the only way to troubleshoot.

Jon

zulqurnain · ‎03-02-2009

Hi jon,

I had did exactly as you stated but the workstation on vlan 2 is not getting any IP from DHCP.

If I configure a static IP on the vlan 2 workstation and ping the GW of vlan 2 I am successful, if I ping vlan 4 L3 interface IP 172.20.4.254 I am successful but I cannot ping the DHCP at all. hope this helps in troubleshooting

Jon Marshall · ‎03-02-2009

Are you sure your DHCP server is working correctly ?

Jon

zulqurnain · ‎03-02-2009

YES it was a DHCP problem it started malfunctioning though it seemed it's working. Anyways, it's fixed and it's working now and workstations are getting all correct IP.

Just another question what about the other servers which will be on the same VLAN as of DHCP server, I mean will the client / workstation be able to access them or would I have to do something else in order to make them accessible, additionally the Inter-Vlan access

Jon Marshall · ‎03-02-2009

"Just another question what about the other servers which will be on the same VLAN as of DHCP server, I mean will the client / workstation be able to access them"

Yes you should be fine.

Glad you got it working.

Jon

zulqurnain · ‎03-02-2009

gr8 only one thing to do now, that is to deploy it on the 6500 and hope that I don't get into any trouble.

Jon Marshall · ‎03-02-2009

Good luck with that. Make sure you schedule an outage to do this work.

Let me know how you get on.

Jon

zulqurnain · ‎03-02-2009

Thank Jon, Appreciate your advice and help and surly I will get back to you on how it went and of course I will schedule a outage before, also I thinking if I can do flr by flr instead of doing it altogether, what would you suggest?

michael3046 · ‎03-01-2009

The IP helper address only needs to be applied to the VLAN interface that will be the default gateway for the segment.

If you are not able to "reach the gateway" from the management VLAN interface on the switch itself, then perhaps some vlan configuration exist.