Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
796
Views
0
Helpful
2
Replies

CBS350 No DHCP with VLAN MAC Igress

jimstewart77
Level 1
Level 1

‎02-06-2022 09:53 AM - edited ‎02-06-2022 10:35 AM

I have a strange problem while using MAC based VLANs on a CBS350.

I have two VLANs (100 and 400) each running DHCP servers (with router on 10.20.30.1 and 10.20.40.1).

Where I have access ports on 100 and 400 all is as expected.  Both VLANs give my clients DHCP.

I have some General ports which are untagged 100 and tagged 400.  I have an ingress filter on these ports that routes specific MAC addresses onto 400.  On these ports a non-specific MAC address correctly receives a 10.20.30.x address and is on VLAN 100.

My issue is that the specific MAC addresses seem to be in a bit of a no-mans-land.  They are kind of on VLAN 400 but get no DHCP address from the switch.  If I give the clients  manual 10.20.40.x address they can't talk to the switch on 10.20.40.1.  Clients on an access port to VLAN 400 can see it fine.   If I wireshark DHCP I can see DHCP transactions and even an offer but my clients are not seeing DHCP for some reason.  Have tried multiple clients and its the same.

While on a General port the CDP packets don't seem to have a VLAN at all.

The DHCP transactions do mention VLAN 400.

Have I found a firmware bug? (on 3.1.1.7)

Any help appreciated.

Labels:
0 Helpful
2 Replies 2

jimstewart77
Level 1
Level 1

‎02-06-2022 11:47 AM - edited ‎02-06-2022 12:02 PM

I also don't seem to have TCP connectivity from a general port on 400 to access port on 400.  I can see lots of multicast traffic but no TCP.  Wireshark shows just UDP, mDNS and ptp (taken from a General port)

 

Running Arp on the switch shows the switch believes the gi5 dual VLAN port is assigned to vlan 400 and a IP address has been given (although the client is on a self-assigned IP and sees no working DHCP)

0 Helpful

jimstewart77
Level 1
Level 1
In response to jimstewart77

‎02-06-2022 12:29 PM - edited ‎02-06-2022 12:30 PM

solved it.  Didn't think that you could have two different VLANs as untagged for one port but it is possible.  I am sure this worked in a different way on the SG300

 

Now working, it was the 400 tagged that was killing it.  

 

interface GigabitEthernet5
switchport mode general
switchport general allowed vlan add 100,400 untagged
switchport general map macs-group 1 vlan 400
switchport general pvid 100

0 Helpful
Customers Also Viewed These Support Documents