Sir,

The problem is building A also get ip from building B. I really want that building A should get IP from server at buidling A and at building should get IP from building B not vice versa.

thanks,

zaldy

Where and how is the laser bit wireless connected to your switches?

I notice that both switches have their user ports in VLAN 1. I am guessing that the laser bit wireless is connected to an access port in VLAN 1 and is bridging between the buildings. This creates 1 big broadcast domain. This means that when a PC in building A sends a DHCP request that broadcast is forwarded via the bridge to building B and received by that DHCP server as well.

If my theory is correct then I believe that the optimum solution is to configure a second VLAN on each switch, connect the laser bit wireless to the second VLAN (assigning a unique IP subnet to that VLAN). This will allow the routers to do inter-VLAN routing, and will separate the two buildings into separate broadcast domains. This will prevent end stations in building A from receiving IP addresses from the server in building B.

HTH

Rick

Sir,

If you dont mind please give me example of the configuration.

thanks,

zaldy

Zaldy,

In this case the config would be like :

On either of the end, first define the port connecting to the router as the Trunk port and create 2 vlans. one for the users and other for your wireless device.

Int fa 0/x

switchport trunk encapsulation dot1q

switchport mode trunk

If you are using 2950 then just deed to give on " switchport mode trunk " under the interface config.

Then you define the sub-interface on the router for the respective subnets i.e the vlan for your user and for your broadband units.

For router A

int e 0/2.1

encapsulation dot1q 1 native (1 is the Vlan ID, should be same on switch and router )

ip address 172.16.1.1 255.255.0.0

int e 0/2.2

encapsulation dot1q 2 (2 is the Vlan ID)

ip address x.x.x.x y.y.y.y (subnet for your wireless device)

Do the same on both the sidesand you will be good to go..

HTH,

-amit singh

I think the config suggested by Amit is a good start. There are a couple of details which he assumed and I think should be explicitly listed:

- all of the user ports (in both switches) are assigned to VLAN 1 (which is the default).

- the port for the laser bit wireless is assigned to VLAN 2 (on both switches).

- 172.16.x.x is the subnet for the router A and devices on switch A. Router B and devices on switch B must be in a different subnet (perhaps 172.17.x.x/16 to be consistent with the example for router A).

- the subinterfaces for VLAN 2 must be in a separate subnet (perhaps 172.18.x.x to continue the example). It must be the same subnet on both routers.

If you implement this set of configurations then users on switch A should get IP addresses only from the DHCP server on switch A and users on switch B should get their IP addresses only from the DHCP server on switch B. There should be no crossover. And you will not need to configure ip helper-address.

HTH

Rick

Sir,

This what i have done in the configuration. If you dont mind please tell me if this one is correct or not. Thank you for the help.

thanks,

Zaldy

this is for router B

interface FastEthernet0/0

ip address 172.20.1.1 255.255.0.0

speed auto

full-duplex

no cdp enable

!

interface FastEthernet0/0.1

encapsulation dot1Q 2

ip address 172.30.1.1 255.255.0.0

!

router eigrp 1

network 172.20.0.0

auto-summary

!

ip default-gateway 172.20.1.1

ip classless

for switch 1 on building B

interface FastEthernet0/9 (router is connected)

switchport mode trunk

no ip address

!

interface FastEthernet0/12 (laser bit is connected)

description wireless port

switchport mode trunk

no ip address

!

interface GigabitEthernet0/2

no ip address

!

interface Vlan1

ip address 172.20.1.6 255.255.0.0

ip helper-address 172.20.1.12

no ip route-cache

!

ip default-gateway 172.20.1.1

ip http server

For Router A at building A

interface Ethernet0/2

description connected to sw4

ip address 172.16.1.1 255.255.0.0

no ip directed-broadcast

no ip mroute-cache

no cdp enable

no mop enabled

!

interface Ethernet0/2.1

encapsulation dot1Q 2

ip address 172.30.1.3 255.255.0.0

no ip directed-broadcast

router eigrp 1

network 172.16.0.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.16.1.2

no ip http server

Switch on building A

interface FastEthernet0/38

description router connection (router connection)

switchport mode trunk

no ip address

duplex half

!

interface FastEthernet0/48 (where laser bit is connected)

description cross cable with laser switch

switchport mode trunk

no ip address

Zaldy

I am not sure that you understand very well the fundamental problem. If all ports (including the laser bit) are in VLAN 1 or if the port for the laser bit is configured as a trunk port, then all traffic from VLAN 1 on switch A will be forwarded to switch B into VLAN 1 and you will continue to have the same problem. What you need to do is to separate the VLAN 1 on switch A from VLAN 1 on switch B. Creating a second VLAN separate for the laser bit is essential in accomplishing the objective. You then need to router to do inter-VLAN routing. This will provide the separation of the VLANs which you need.

In addition to that I have the following comments about the config that you posted:

- you disable CDP on the LAN interface and I am not sure why you are doing this. CDP is quite helpful. Unless you have a specific reason to disable CDP I suggest that you let it operate on all the interfaces.

- on both routers you have configured one VLAN on the physical interface:

interface FastEthernet0/0

ip address 172.20.1.1 255.255.0.0

but VLANs need to be configured on subinterfaces. So move the IP address from the physical interface to a subinterface. (on both routers)

- on both routers you have EIGRP configured to run on the LAN interface:

router eigrp 1

network 172.20.0.0

but not on the subnet connecting the buildings. This means that the two routers will not form a neighbor relationship and will not advertise to each other. You also need EIGRP to run on the VLAN where the laser bit is located. so add a network statement:

network 172.30.0.0 (on both routers)

- on router B you have configured an ip default gateway which points to the router interface in VLAN 1:

ip default-gateway 172.20.1.1

it does not make sense to point the default gateway to the routers own IP address. It should point to a next hop out of one of the interfaces. (note that the default-gateway on switch B to 172.20.1.1 would be proper and does not need to change.)

- as I mentioned you have configured the interface where the laser bit is located (interface FastEthernet0/12 (laser bit is connected) ) as a trunk port. It should be configured as an access port and assigned to VLAN 2.

- you have configured an ip helper-address:

interface Vlan1

ip helper-address 172.20.1.12

as has been commented in previous posts in this thread you do not need a helpler-address when the server is in the same VLAN (and same subnet) as the clients.

- you have configured a default route on router A which points to some address in its VLAN 1:

ip route 0.0.0.0 0.0.0.0 172.16.1.2

I do not know what that is or if it is appropriate to point the default route to it. You know the topology and can tell us it this would be appropriate. I do notice that you have not configured anything about default route on router B and wonder what you intend to do on that router about a default route.

HTH

Rick

Zaldy,

You should have the two buildings on seperate lans, have the routers join these two lans using the wireless connection.

The dhcp servers are on this local lan and then you do not need IP helper, unless you plan to use the other building dhcp server as a backup.

Even with IP helper the local terminals should always get their dhcp locally as this is the fastest responding device, layer 2.

This design cuts down your broadcast domain, limits spanningtree problems to either building.

If you only have one LAN port on yor router then you can create asecond vlan on each switch and trunk between the switch and router.