Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Ip helper on layer 3 routing switch- four vlans?

Hi,

 

I have been looking and can't find what i am looking for, i have 2 layer 3 switches and 4 layer 2 switches, everything is trunked good and there are 4 vlans on all of them, i wanna do ip-helper so i can hook up a server 2012 as DHCP on a vlan where it can push DHCP to all vlans, i already greated pools on server 2012 but i think there is one more step to be done on the switches, like to specify a network for each vlan so the DHCP knows where to push IP addresses accoring to vlan switchports and DHCP pool and not sure what it is, anyone can help?

 

Thank you.

3 REPLIES
New Member

You need to use the ip helper

You need to use the ip helper-address x.x.x.x. command. To enter from config t> interface vlan # Config-int> ip helper-address x.x.x.x the question that I am still unclear is do you have to propagate the ip helper command to your level 2 switches?
New Member

This discussion has been

This discussion has been reposted from Cisco User Groups to the LAN, Switching and Routing community.

HelloDo all your switches

Hello

Do all your switches have a management vlan that are reachable by?
Are your L3 switches sharing or providing resiliency for all your vlans?

Usually this is the case, So below is a brief example of what you can do.--

1) Attach the DHCP server to an access port on one of the L3 switches
2) Apply the relay agent to all of the SVI interfaces for all your vlans using the IP helper address x.x.x.x command on the L3 switches

3) - optional for some security) -  enable dhcp snooping on all switches to negate any unwarranted rouge dhcp servers - 

By default wgen this is enabled ALL interfaces are then put in an untrusted state, so you will need to specify some trusted ports ( ip dhcp snooping trust )-to alow dhcp to traverse yur switches.

-- all switch interconnects where you wish DHCP packets to traverse between
-  the port where the dhcp server is attached to

And on the untrusted ports you can set a dhcp rate limit to say how many dhcp packets the interfaces can receive per second  before the interface traffic is dropped.

example:
L3 switch

int vlan 10
ip helper address x.x.x.x

int vlan 11
ip helper address x.x.x.x

int vlan 12
ip helper address x.x.x.x


ip dhcp-snooping
ip dhcp-snooping vlan 10,11,12


int x/x
description DHCP server port
swithport access vlan 12
ip dhcp snooping trust

int x/x
description Trunk to L2 switch-1
ip dhcp snooping trust

int x/x
description Trunk to L2 switch-2
ip dhcp snooping trust


int x/x

description untrusted port
ip dhcp snooping limit rate 100


Hope this was helpful?

res

Paul

   

 

Please don't forget to rate any posts that have been helpful. Thanks.
463
Views
0
Helpful
3
Replies