Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Strange VLAN behavior

I have a 3560 with a switchport access vlan 300 on port f0/2. However when I plug a PC with DHCP it gets a DHCP lease from VLAN1. How is this possible? There is no DHCP helper on the vlan interface. If I put a static IP for VLAN 300 it works as well. Am I accidentally VLAN hopping? If so how do I stop it?

2 REPLIES

Re: Strange VLAN behavior

Hi Friend,

Where is your DHCP server, in which VLAN? is it an external DHCP server or router or switch itlself serving as DHCP server?

Also so you have a cross cable connect between VLAN 300 and VLAN 1 by anychance.

Regards,

Ankur

New Member

Re: Strange VLAN behavior

The DHCP server is in VLAN1. It is a Windows 2003 server. I have a switch that looks like this:

AccessSwitch

Access port:

interface FastEthernet0/2

switchport access vlan 300

spanning-tree portfast

Uplink port:

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape 10 0 0 0

queue-set 2

udld port

mls qos trust cos

auto qos voip trust

channel-group 1 mode on

spanning-tree guard loop

end

CoreSwitch:

Uplink from AccessSwitch:

interface GigabitEthernet2/0/18

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape 10 0 0 0

queue-set 2

mls qos trust cos

auto qos voip trust

channel-group 2 mode on

Connection to Router:

interface GigabitEthernet2/0/13

description (Corp router)

switchport trunk encapsulation dot1q

switchport trunk native vlan 200

switchport mode trunk

duplex full

spanning-tree guard root

Router:

interface GigabitEthernet0/1

no ip address

ip access-group 101 in

ip nat inside

ip virtual-reassembly

no ip mroute-cache

duplex auto

speed auto

media-type rj45

negotiation auto

!

interface GigabitEthernet0/1.1

description $FW_INSIDE$

encapsulation dot1Q 1

ip address 192.168.172.1 255.255.255.0

ip access-group 102 in

ip nat inside

ip virtual-reassembly

no ip mroute-cache

no snmp trap link-status

no cdp enable

!

interface GigabitEthernet0/1.2

description $FW_INSIDE$

encapsulation dot1Q 100

ip address 192.168.100.8 255.255.255.0 secondary

ip address 192.168.100.254 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip mroute-cache

no snmp trap link-status

no cdp enable

!

interface GigabitEthernet0/1.3

encapsulation dot1Q 200 native

no ip mroute-cache

no snmp trap link-status

no cdp enable

!

interface GigabitEthernet0/1.4

encapsulation dot1Q 300

ip address 172.16.231.1 255.255.255.0

no ip mroute-cache

no snmp trap link-status

no cdp enable

91
Views
0
Helpful
2
Replies
CreatePlease login to create content