Re: VLAN interfaces and routing

cameronS · ‎07-24-2023

We are running into issues with our VLAN configuration when making some changes. For reference:

initial config:

L3 MS225 core switch stack
- client VLAN 1
  - Interface IP set (subnet gateway x.x.x.252)
  - Do not respond to DHCP
MX105 HA
- static route route for VLAN 1
  - Route all to management interface of core switch stack
- Do not respond to DHCP
2 DHCP (HA) servers both using VLAN 1 addresses

This works without issue but very messy IMO

New config (replicating other client VLANs):

Core switch stack
- client VLAN 1
  - interface IP set (x.x.x.1)
  - Do not respond to DHCP
MX105 HA
- Remove static route
- Add client VLAN 1
  - MX IP set to the gateway address x.x.x.252
  - Do not respond to DHCP
No change to DHCP servers

The changes are to change which L3 device becomes the gateway and allow for seamless routing within VLAN 1.

For some reason the above changes just breaks the VLAN. All other client VLANs are setup this way but are relaying DHCP to the DHCP servers that sit in VLAN 1 (I know we should probably have interfaces for the other client VLANs too). The issue must lie with DHCP in my head but I cannot figure out what exactly so hoping some of you geniuses could help.

TIA

aleabrahao · ‎07-24-2023

What do you mean by breaks the VLAN? Can you explain the problem better?

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

aleabrahao · ‎07-24-2023

Another thing, in the DHCP configuration who is the network gateway? If it's the Core siwtch, you need to have a default route pointing to the MX IP.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

cameronS · ‎07-24-2023

Apologies. After the changes, no devices can communicate on VLAN 1 including the DHCP server which in turn causes issues with our other VLANs client addressing (due to bad DHCP settings). The scope uses .252 as the gateway which was the core switch but then changed to the MX.

aleabrahao · ‎07-24-2023

First question, can you reach the gateway?

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

cameronS · ‎07-24-2023

I couldn't test this at the time as the VPN connection went down (authenticates via AD which happens to be on VLAN 1).

MerakiGnome · ‎07-24-2023

Hi @cameronS , doesn’t look like this progressed very far. You still stuck? What are your next steps?

Darren OConnor
https://www.linkedin.com/in/darrenoconnor

Philip D'Ath · ‎07-24-2023

>The changes are to change which L3 device becomes the gateway and allow for seamless routing within VLAN 1.

What is happening here is the MAC address of the default gateway is changing, and clients have not picked up the change. If you give the switch a reboot after doing this (so all the ports go down and up) the clients will refresh their arp caches.

cameronS · ‎07-25-2023

This makes more sense, I'll try this out.