Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.
Get the latest news in this issue of the Cisco Small Business Monthly Newsletter

DHCP relay on layer 2 switches

Labels:
1272
Views
5
Helpful
9
Comments
RussMcIntire
Beginner
Beginner
‎05-08-2020 03:44 PM
‎05-08-2020 03:44 PM

This may be a simple question so I hope someone can help.

 

We have several Cisco SG300\500 switches in L2 mode. Each switch has 8 VLANS and VLAN 1 is still native (For now). We do all routing between VLAN's on our firewall.

 

After reading several other posts, they were saying you don't need to set up DHCP relay and helper addresses on L2 switches. The firewall will do it all. Is this correct? If so why, and in what circumstance would I need DHCP relay\helpers on L2 switches.

 

All of my switches have 1 SVI on my management VLAN and the IP default-gateway set.

 

Any help is appreciated.

0 Helpful
9 Comments
luis_cordova
VIP Advisor VIP Advisor
VIP Advisor
‎05-08-2020 05:19 PM
‎05-08-2020 05:19 PM

Hi @RussMcIntire 

 

DHCP request packets are broadcast packets, so they are broadcast throughout the broadcast domain (vlan).
This domain includes the interface that hosts the ip gateway of that domain (vlan).

If a DHCP server is found within the broadcast domain, then the DHCP server delivers addressing.
If the broadcast domain (vlan) does not have a DHCP server present in the domain, then the ip helper-address command is needed so that when the DHCP broadcast request packet reaches the interface, the device then changes the broadcast destination address to the unicast address indicated in the command.

In this way, the DHCP request packet can be routed out of the broadcast domain to the remote DHCP server.

 

Regards

RussMcIntire
Beginner
Beginner
‎05-08-2020 05:48 PM
‎05-08-2020 05:48 PM

With that being said, I do not have a DHCP server on each VLAN so I would need the helper address for the VLAN without a DHCP server correct? 

0 Helpful
luis_cordova
VIP Advisor VIP Advisor
VIP Advisor
‎05-08-2020 05:58 PM
‎05-08-2020 05:58 PM

HI @RussMcIntire 

 

query
Do you have a DHCP server or do you have the service configured on a network device?

 

Regards

0 Helpful
RussMcIntire
Beginner
Beginner
‎05-09-2020 07:20 AM
‎05-09-2020 07:20 AM

I have a 4 DHCP servers. 2 DHCP servers on VLAN 1 in fail over config. I also have 2 DHCP servers on VLAN 4 in fail over config. I am migrating all the DHCP scopes off of VLAN 1 to VLAN 4. I currently have DHCP helpers on all switches pointing to all 4 servers. I also have DHCP helpers on my firewall where I do the routing and I am fairly certain I do not need the helpers in both places.

 

Once DHCP is moved off of VLAN 1, Should I remove the helper addresses off of the switches and just leave them on the router to simplify things?

 

I really only want the helpers in 1 spot.

0 Helpful
balaji.bandi
VIP Mentor VIP Mentor
VIP Mentor
‎05-09-2020 02:35 PM
‎05-09-2020 02:35 PM

Once you migrated the Scopes to VLAN4 DHCP Servers, Hope you are not removing VLAN1 - by saying that if you not removing VLAN 1, then  you need to remove OLD DHCP Server and Add new DHCP Servers to VLAN 1 -same like VLAN4 Servers, so users in VLAN 1 get IP address from new DHCP Servers.

0 Helpful
RussMcIntire
Beginner
Beginner
‎05-09-2020 03:25 PM
‎05-09-2020 03:25 PM

My plan is to remove all devices off of VLAN 1, remove the DHCP servers from VLAN 1, and decommission VLAN 1 completely. IE VLAN's 2-9 with DHCP servers only on VLAN 4. SO with this said, can I just keep the helpers on the firewall and remove them from the switches? 

0 Helpful
RussMcIntire
Beginner
Beginner
‎05-12-2020 07:55 AM
‎05-12-2020 07:55 AM

I removed the DHCP helpers from all my switches because I discovered the SG series DHCP helpers were not always forwarding as they should. Once I removed the helpers from the switches and added them to the firewall, everything works just great.

 

I appreciate all the help.

0 Helpful
balaji.bandi
VIP Mentor VIP Mentor
VIP Mentor
‎05-12-2020 11:20 AM
‎05-12-2020 11:20 AM

Glad all working as expected, we should mark this as solution, if no further assistance required here.

0 Helpful
RussMcIntire
Beginner
Beginner
‎05-12-2020 11:34 AM
‎05-12-2020 11:34 AM

Yes, this can be marked as a solution though my browser will not let me.

0 Helpful
Latest Contents
SG 300 upgrade 1.0.x to 1.4.11.5 needs 1.3.0.6 where to down...
Created by JanTo42 on 09-26-2020 06:44 AM
2
0
2
0
Hi, I want to upgrade an old SG 300-10 from 1.0.x to latest relelease 1.4.11.5.Release note describes to go from old versions via 1.3.0.6 to newer releases due to change in th flash file system.The download  section for SG300 only offers very ol... view more
Cisco SPA525G
Created by melbrecruit on 09-26-2020 12:24 AM
3
0
3
0
I have had to move my office to my home due to Covid-19. I picked up the work phone today and have pluged it in with the connection to my computer, but it wont turn on at all.  When I am in the office all we did was put the cable in and it start... view more
small business pro "ESW 520-8p-k9" V1 Firmware
Created by junghoonlee44736 on 09-25-2020 03:08 AM
0
0
0
0
Looking for the latest Firmware(maybe 2.1.1.21) of the old esw520-8p-k9 V1.No more downloads from Cisco website.I will let you know if you need the serial number.   
IC3000 - dwg files and alarm connector
Created by ARKADIUSZROCHOWIAK08936 on 09-25-2020 02:25 AM
0
0
0
0
Hi,is it possible to get dwg files for IC3000?I can not found in IC3000 documentation any information about alarm connector. For what are IN1, REF, IN2 pins?
Voip and SPA504G
Created by R7954 on 09-24-2020 01:39 PM
7
0
7
0
I am subscribed to a managed voip provider in the UK that have onboarded my  3 phones. I have 3 SPA504G phones that  are not specified as separate extensions as they all take the same phone number (ie without extension numbers on the end of... view more
This widget could not be displayed.