Sergio,

I'm not exactly sure I understand what you're trying to do. Let's see if I understand the network correctly.

It looks like you have a flat network (no VLANs = all the customer's switch ports are on the default VLAN, VLAN 1). This broadcast domain uses a Class B private IP network number, 172.26.0.0, with six bits of subnet masking. This allows for a possible 1024 IP addresses, 1022 of which can be assigned to devices on the subnet (general, switches, servers, PCs).

Address 172.26.0.0 is the subnet ID. Addresses 172.26.0.1 through 172.26.0.255 are for general and switches to use? I assume these are statically assigned to these devices.

Addresses 172.26.1.0 through 172.26.1.255 are for servers? I assume these are statically assigned to the servers.

Addresses 172.26.2.0 through 172.26.2.255, and 172.26.3.0 through 172.26.3.254, are for PCs to use? I assume these PCs get these addresses dynamically, using DHCP. And DHCP Server service is running on one of the Windows 2000 Servers. Address 172.26.3.255 is the broadcast IP address for this subnet.

Now, on to your questions, and hopefully some right answers.

If you want to create four VLANs, you only need to create three more VLANs because VLAN 1 already exists. Creating the additional VLANs will not affect the VLAN membership of your existing switch ports; they have to be manually reassigned to another VLAN. This can be done from the command line interface (CLI), one port interface at a time; or via the graphical user interface (GUI). Change of a port's VLAN membership from one VLAN to another is intantaneous; but the switch configuration must be saved if that assignment is to be made permanent (that is, survive a reboot of the switch). CLI commands which will do this are "switchport mode access" and "switchport access vlan xxx" where "xxx" is the VLAN number.

Your LAN is already subnetted. Do you mean, will you need to break up the existing subnet into four smaller subnets and assign one to each VLAN? Well, yes, you could do that; but no, I would not recommend it yet. Because you would have to immediately re-address or at least re-subnet-mask every device on the network!

You will need separate IP subnets for each of the VLANs, though. Since you're using part of a private IP network address, why not consider using some other parts of that same address? VLAN 2 could be IP subnet 172.26.4.0/22, with usable addresses running from 172.26.4.1 through 172.26.7.254. VLAN 3 could be subnet 172.26.8.0/22, with addresses 172.26.8.1 through 172.26.11.254. And VLAN 4 could be subnet 172.26.12.0/22, with addresses 172.26.12.1 through 172.26.15.254.

If you wanted to continue to use your DHCP Server on VLAN 1 to hand out addresses to DHCP clients on the other VLANs, you do not need to create a superscope. Just create a scope for each of the VLANs, using a subset of the IP addresses allocated to that VLAN. As a DHCP scope option, assign the default gateway address that is appropriate for each VLAN. DNS servers and WINS servers (also known as NBNS servers) can be assigned as global options, so they apply across all DHCP scopes.

On the 3550 with Layer 3 "ip routing" enabled, you will either be assigning ports to VLANs as static access ports, or configuring them as VLAN trunk ports that carry any and all VLAN traffic. IP routing is handled by creating a virtual interface for each VLAN, then assigning an IP address to it. For example:

interface Vlan1

ip address 172.26.0.1 255.255.252.0

interface Vlan2

ip address 172.26.4.1 255.255.252.0

interface Vlan3

ip address 172.26.8.1 255.255.252.0

interface Vlan4

ip address 172.26.12.1 255.255.252.0

For the DHCP clients on all the VLANs except the one where your DHCP Server is located, you need to put the "ip helper-address xx.xx.xx.xx" command under the "interface Vlan". The IP address of your DHCP Server goes where the "xx.xx.xx.xx" is. For example, if your DHCP Server is 172.26.1.2, then your configuration would look something like this:

interface Vlan1

ip address 172.26.0.1 255.255.252.0

interface Vlan2

ip address 172.26.4.1 255.255.252.0

ip helper-address 172.26.1.2

interface Vlan3

ip address 172.26.8.1 255.255.252.0

ip helper-address 172.26.1.2

interface Vlan4

ip address 172.26.12.1 255.255.252.0

ip helper-address 172.26.1.2

If you want to have the "ip helper-address" command forward only the UDP broadcast traffic of DHCP clients and DHCP servers, there are several other protocols you have to tell the switch NOT to forward by default. Use these commands:

no ip forward-protocol udp tftp

no ip forward-protocol udp nameserver

no ip forward-protocol udp domain

no ip forward-protocol udp time

no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm

no ip forward-protocol udp tacacs

Once you create the VLANs, set up DHCP Server for the new subnets, create VLAN interfaces on the 3550 L3 switch for IP routing, and tell the 3550 where to send DHCP client address requests, you are ready to start changing access switch ports from VLAN 1 to another VLAN, and plugging DHCP-enabled clients into those switch ports.

One other thing you may need to do: if your servers, PCs, switches, etc. on VLAN 1, IP subnet 172.26.0.0/22, have a default gateway IP address that is NOT the 3550 L3 switch, then that other gateway needs to be informed how to reach the subnets assigned to the other VLANs. Do this by setting up static routes on the gateway, that point to the 3550 L3 switch as the next hop on the way. If this other gateway is a Cisco router, then the following commands will do the job:

ip route 172.26.4.0 255.255.252.0 172.26.0.1

ip route 172.26.8.0 255.255.252.0 172.26.0.1

ip route 172.26.12.0 255.255.252.0 172.26.0.1

Without knowing more details about the existing network configuration and the required configuration, this is my best guess at what you have to work with, and what you need to do.

Hope this helps.