I have inherrited a small network and I am tasked with changing the current ip scheme. The current topology is flat and using 22.214.171.124/24 as it's internal range. Im planning to do away with the current scheme and add in a little segmentation using three networks (as Detailed in the IP_VLAN.pdf).
What I wanted to do initially was set the up the initial config and then test connectivity/proof of concept using the 1.*.*.0./24 and the 192.168.32.0/24 networks. I have attached the current config for the my main switch (svrswitch.pdf).
I have all VLANS (1,2,3,10) set up on all switches and SVI's on the main switch. I have a host on VLAN 3 in Switch_1F_2 using 192.168.32.1 as its default gateway.
The two problems I am having are, after changing the default-gateway on a host on 126.96.36.199/24 network to 188.8.131.52 i can only get connectivity by using the "route add" command on the host in Windows dos prompt. So I think I maybe be missing something in terms of routing.
The other problem is regarding establishing DHCP. I can't seem to get my host on the 192.168.32.0/24 to communicate with the DHCP server? The server is currently handing out 184.108.40.206/24 addresses, would that be a problem as they are on different subnets.
Any help would be appreciated.
Hi, for first problem did u enable IP routing on SVR Switch?? for second problem u have to create separate dhcp scope for 192 subnet & u hv to define ip helper address command on vlan 3 interface which u have already defined.
enable ip routing command on srv switch will solve ur routing problem.
but I m still confused with ur first question, actually let me know wht exactly r u trying to do ?
If it helps then do rate it.
Thanks for your reply. I think I have already enabled IP Routing.
Is that correct?
In terms of the dhcp if i set up a server to hand out IP's on the 192.168.32.0/24 subnet that should do it right?
What i'm saying in first question is i just want to get the 220.127.116.11/24 and 192.168.32.0/24 talking to each other properly and fully as a way of testing before i move completely to the 192 range.
Thanks for your reply, I've done that.
ip address 18.104.22.168 255.255.255.0
ip address 192.168.32.1 255.255.255.0
ip helper-address 22.214.171.124
Hi, Its correct. U dont need to create the second dhcp server just create a new scope in the existing DHCP server for vlan 3.
I saw ur diagram I wud suggest you to make one vtp domain & put ur srv server as a vtp server & other switches as vtp client & create trunk between all these switches as u did before. create vlans on srv switch & create vlan interface for all these vlans & then enable IP routing on SRV switch.
it shud work if u have done all these. VTP will allow vlan information to be flow from one switch to another u dont need to create vlans on each switch.
& do remember to put the switch port in proper vlan.
I hope it will help. Please do rate it.
Hi Thanks again,
I'll give this a try. Can i just quickly ask about what you said here "& do remember to put the switch port in proper vlan." are you just saying that the VLAN must have a physical switchport attached to it in order to be active?
Hi, I mean to say is when u hv multiple vlans on a switch u hv to put switch ports in a proper vlan like if u want a pc to b in vlan 3 on a port let say fa0/3 then u hv to put this port in vlan 3 by defining the switchport access vlan 3 command in interface mode.
I hope u got my point.
VTP is working great. DHCP is working great. My only trouble is connectivity to my host on the 192.168.32.0/24, I'm on 126.96.36.199/24 and i can ping and vnc to the host but it can't ping me? It can ping 188.8.131.52 but not me on 184.108.40.206, i have the correct default gateway etc.
no I havent. the host can ping the firewall. However the firewall is not the default gateway the 3650 switch is. Surely the switch should be doing the routing between hosts and the firewall when the default route is employed?
Wht operating system r u using ?? Please check the windows firewall if u running XP. Try to turn it off & then check. If u can communicate between vlans then u can also ping ur machine from other vlans, if u not applied any ACL. check the windows personal firewall on ur machine.
Sorry, got the wrong end of the stick there. All Windows OS, XP Server 2000/2003. It doesn't seem to be the firewall, i have moved everything over to the 220.127.116.11 gateway and there is definitely some connectivity to new servers and hosts, but not all, is it worth clearing the arp cache perhaps?
Sorry about the multiple posts above, IE got a bit upset. Just another quick question.
I have IP routing enabled on my VLAN server switch. Do I need to have ip routing enabled on the other switches that are behaving as VLAN clients in my VTP domain.
No need to enable routing on client switches. You need to enable routing on only SRV switch which is acting as a core for all edge switches.