Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

implementing VLANs

Hi Everybody,

I am working on a project which involve creating/implementing VLANs in my organization but I'm a little confuse/messed-up. we have around 10 floors and each flr has 3650-E connected to core 6509-E over fiber, our internal subnet through out is 172.20.0.0/16.

What I intend to do is to create VLANs per flr and each flr will have it's own subnet e.g. organization subnet is 172.20.0.0/16 so each flr will be 172.16.1.0 - 254/24 respectively.

Now, how do I configure the switches that when the client workstation e.g. on flr 3 request for an IP from dhcp which will be on subnet 172.20.0.0/16 the workstation should get an IP corresponding to that VLAN i.e. 172.16.3.0/24

I hope my point of view is completely understand and any help would be great

23 REPLIES
New Member

Re: implementing VLANs

Configure an ip helper address with the IP address of the remote DHCP server on each VLAN interface.

Bronze

Re: implementing VLANs

well I tired that but what happens after adding the ports into the newly created VLAN, also configuring the ip helper-address. the workstation are totally not able to contact the DHCP server or you can say the switch itself cannot reach the gateway which is the router.

Hall of Fame Super Blue

Re: implementing VLANs

Are your switches on the floors connected to the 6500 with a L3 or L2 link ie. is it a routed link or a switched link from each floor.

The vlans you are creating where are the L3 vlan interfaces for these vlans, are they on the 3560's or the 6500.

Jon

Bronze

Re: implementing VLANs

Floors are connected to the 6500 over fiber all switches on flr and 6500 are in vlan 1 (172.20.0.0/16) the internal routing at the moment is done by a router which is also the default gateway of all workstations & servers on the LAN, I intend to shift the routing on the 6500 once VLANs are in place.

since 172.20.0.0/16 is the subnet I wanted to configure VLANs 172.20.1.0/24 (1st flor), 172.20.2.0/24 (2nd flr), 172.20.3.0 (3rd flr) and so on for all flrs and leave the servers on 172.20.4.0/16

please advice if this is achievable and do-able.

Hall of Fame Super Blue

Re: implementing VLANs

Yes it is completely do-able.

If you are proposing to use the 6500 to route all the vlans then i would do the following

1) Select a 172.16.x.0 subnet for management of the switches. This is so you can remotely log into the switches. So lets say -

172.16.20.0/25 - vlan 20

2) On the 6500 create all your vlans including vlan 20 ie.

6500(config)# vlan 2

6500(config-vlan)# name

6500(config)# vlan 3

6500(config-vlan)# name

etc... for all vlans

3) On the 6500 create the L3 SVI's for each vlan ie.

6500(config)# int vlan 2

6500(config-if) ip address 172.16.2.1 255.255.255.0

etc... for all vlans

4) Make the 6500 STP root for all vlans

5) Make the 6500 a VTP server and all the 3560 switches VTP clients so that the new vlans you have created on the 6500 are propogated to the 3560 switches

6) Each uplink from a 3560 to the 6500 needs to be a trunk link and you can allow only the vlan per floor and the management vlan on this trunk

7) On each L3 SVI on the 6500 you need an IP helper-address pointing to the DHCP server.

This is a standard L2 edge to L3 distribution design. Because you have 3560 switches you could use L3 in the edge but then the config changes considerably.

Jon

Bronze

Re: implementing VLANs

Hi Jon,

Thanks for the great help, just I couldn't understand the last phrase

"This is a standard L2 edge to L3 distribution design. Because you have 3560 switches you could use L3 in the edge but then the config changes considerably. "

I have 3560 switches on flrs and what changes in config are we talking about.

Hall of Fame Super Blue

Re: implementing VLANs

"I have 3560 switches on flrs and what changes in config are we talking about"

Do you want to use L3 routed links from the edge switches ??. Do you know what IOS feature set your 3560 switches are running ?

Jon

Bronze

Re: implementing VLANs

jon,

I was just trying the suggested steps and I faced an issue which is when I created a VLAN 20 i.e.

172.16.20.0/16 - vlan 20

and then when tried to create VLAN 2 i.e

172.16.2.1 255.255.255.0 it gave me a message 172.16.2.0 overlaps with VLAN 20

New Member

Re: implementing VLANs

why are creating vlan 20 with x.x.x.x /16,

you can assing 172.16.x.x/16 on one vlan and 172.16.2.x/24 on another vlan.

i think steps are to assign each vlan /24.

Thank,

Asim.

New Member

Re: implementing VLANs

i mean you cant assing /16 on one vlan from the same subnet and then /24 on another vlan on the same subnet.

Thanks,

Hall of Fame Super Blue

Re: implementing VLANs

Yes it will because it does overlap. You need to change the mask on vlan 20 to 255.255.255.0 as suggested by other poster.

All your subnets need a /24 ie. 255.255.255.0 subnet mask.

Jon

Bronze

Re: implementing VLANs

yeah thanks I did figured that out, my mistake.

But now I face another problem which is after adding the ports to appropriate VLANs, the workstations cannot reach the DHCP server "Request has timed out"

so any advise please

Hall of Fame Super Blue

Re: implementing VLANs

What IP address is the DHCP server and what vlan is it on.

Which vlan is the client in ?.

Does the switch which the client is connected into have a trunk link to the 6500.

Have you created a L3 vlan interface on the 6500 for the client vlan.

Does the 6500 know how to get to the DHCP server subnet - ie. where is the L3 interface for the DHCP server subnet.

Have you configured an IP helper address under the L3 vlan interface for the client vlan ?

Jon

Bronze

Re: implementing VLANs

that's a lot of questions :) but before I answer any of these let me tell you that I have configured a 3560-E in a test lab to stimulate the 6509-E, 3560-E switch ruuning IOS 12.2(35)SE2 version with SW image C3560E-UNIVERSAL-M

On this SW I have configured 4 VLANs as following

VLAN 1 (172.20.1.254 255.255.255.0)

VLAN 2 (172.20.2.254 255.255.255.0)

VLAN 3 (172.20.3.254 255.255.255.0)

VLAN 4 (172.20.4.254 255.255.255.0)

VLAN 1 has one workstation connected

VLAN 2 has one workstaion connected

VLAN 3 has none at the moment, but I will and wanted to use it for management

VLAN 4 has one server connected running DHCP)

DHCP IP 172.20.4.64/24

Hall of Fame Super Blue

Re: implementing VLANs

Okay so you have

1) allocated the client port into the correct vlan ie.

int gi0/4

switchport

switchport access vlan 2

2) enabled "ip routing" on the 3560 switch ie.

3560(config)# ip routing

3) Created vlans at Layer 2 on the 3560 ie. "sh vlan" shows all the vlans

4) Created L3 interfaces on the switch ie.

int vlan 2

ip address 172.20.2.254 255.255.255.0

etc...

5) The DHCP server port is allocated to vlan 4 - see 1) for config

6) Under each L3 vlan interface (except 4) you have

int vlan 2

ip helper-address 172.20.4.64

7) You have created the scopes on the DHCP server for each of the vlans

8) Also make sure you enable "portfast" on the client ports ie.

int gi0/4

spanning-tree portfast

Apologies for all the points but it's the only way to troubleshoot.

Jon

Bronze

Re: implementing VLANs

Hi jon,

I had did exactly as you stated but the workstation on vlan 2 is not getting any IP from DHCP.

If I configure a static IP on the vlan 2 workstation and ping the GW of vlan 2 I am successful, if I ping vlan 4 L3 interface IP 172.20.4.254 I am successful but I cannot ping the DHCP at all. hope this helps in troubleshooting

Hall of Fame Super Blue

Re: implementing VLANs

Are you sure your DHCP server is working correctly ?

Jon

Bronze

Re: implementing VLANs

YES it was a DHCP problem it started malfunctioning though it seemed it's working. Anyways, it's fixed and it's working now and workstations are getting all correct IP.

Just another question what about the other servers which will be on the same VLAN as of DHCP server, I mean will the client / workstation be able to access them or would I have to do something else in order to make them accessible, additionally the Inter-Vlan access

Hall of Fame Super Blue

Re: implementing VLANs

"Just another question what about the other servers which will be on the same VLAN as of DHCP server, I mean will the client / workstation be able to access them"

Yes you should be fine.

Glad you got it working.

Jon

Bronze

Re: implementing VLANs

gr8 only one thing to do now, that is to deploy it on the 6500 and hope that I don't get into any trouble.

Hall of Fame Super Blue

Re: implementing VLANs

Good luck with that. Make sure you schedule an outage to do this work.

Let me know how you get on.

Jon

Bronze

Re: implementing VLANs

Thank Jon, Appreciate your advice and help and surly I will get back to you on how it went and of course I will schedule a outage before, also I thinking if I can do flr by flr instead of doing it altogether, what would you suggest?

New Member

Re: implementing VLANs

The IP helper address only needs to be applied to the VLAN interface that will be the default gateway for the segment.

If you are not able to "reach the gateway" from the management VLAN interface on the switch itself, then perhaps some vlan configuration exist.

234
Views
10
Helpful
23
Replies
CreatePlease to create content