I'm having a problem in which client computers are pulling ip addresses from the wrong DHCP server.
We have a hub and spoke topology and each site is connected to the hub via Metro Ethernet. 3750G core switches are responsible for routing at each site and we are using EIGRP. Each site also has it's on DHCP server.
Some sites are really close to each other so we have setup a backup link via fiber just in case the Metro Ethernet circuit goes down at that particular site. We configured both connecting ports on the 3750's as trunk ports but we are having a problem with clients from site 1 occasionally pulling ip addresses from the DHCP server at site 2. This only happens when we have the backup link connected.
We have vlans created at each site with the ip helper-address pointing to the correct DHCP server.
Does anyone have any insight on why this may be happening?
It sounds like you have remote sites running the same VLAN. You describe the connection on the 3750 as a trunk port but the symptoms sound like the same VLAN exists at both sites and becomes reachable via the backup link.
When a client sends a DHCP request it is sent as a broadcast. Any server that is on that VLAN will receive the request and will respond. Most of the time the "local" server will respond more quickly and will be the one chosen by the client. But sometimes the server reached via the backup may respond more quickly and may be the server chosen by the client.
Without knowing more about your situation and your requirements it sounds to me like the solution would be to ensure that each site is using a unique VLAN and to make the backup link a routed subnet rather than a layer 2 link.
Thanks for your help Rick. You are correct about the remote sites using the same vlans. I'm fairly new to this but I was thinking that since each site has its own VTP domain that this wouldn't be a problem. Guess I was wrong. Can you point me in the right direction to find out how to setup the link in a routed subnet instead of layer 2.
I am guessing that you have the remote 3750s configured as just layer 2 switches. The first step would be to configure ip routing on the switch. This enables both layer 2 and layer 3 operation. Then you would configure the port for the backup link as a layer 3 routed port rather than a layer 2 switched port (which is the default). In interface configuration mode on the port for the backup link enter no switchport and then configure an IP address.
To support the interface as a routed port you will have to allocate a subnet for the routed link (probably a /30 subnet mask would be sufficient since it is functionally going to be a point to point connection). And you will have to decide whether you want to run your dynamic routing protocol over the link (which would probably be my choice) or to configure static routes. Also be aware that when you configure ip routing on the 3750 that the default-gateway which you probably have configured currently will not work and you will need either the dynamic routing protocol or a static default route configured on the 3750.
for more information on configuring the routed port you can use this link:
Thanks for posting the config from the switch. While it does help answer some questions and clarify the behavior that you are seeing, it may raise some other questions. There are obviously some aspects of the design and operation of your network that we do not know and that have determined parts of how the switch is configured.
I believe that the essence of the current problem is that the user ports are in the default VLAN of vlan1. And since the backup link is a layer 2 trunk the VLAN 1 traffic is transported over the trunk to the other switch where it mingles with the VLAN 1 traffic from the other switch. If VLAN 31 is supposed to be the backup link then I would suggest that the immediate solution is to remove the configuration of interface vlan 31 and to configure port G1/0/11 as a routed port:
description **Fiber Connection to NES**
ip address 10.9.0.50 255.255.0.0
This configuration will keep the layer 2 VLAN 1 traffic from being trunked to the other switch. I do wonder about the subnet mask, but it probably is not a problem.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...