04-14-2023 12:35 PM
I have a CBS350 switch that is set up to do inter-VLAN routing and provide DHCP addresses. That has been working without any issues for quite a while. Recently, I have created a private VLAN on it which is working okay except for one issue. I cannot get DHCP addresses for isolated or community hosts. They do work with static IP addresses though and a device connected to the promiscuous port can obtain a DHCP address.
Has anybody been able to configure a CBS350 switch so it issues DHCP addresses to isolated or community hosts in a private VLAN?
04-14-2023 10:38 PM
- Are you seeing DHCP requests arriving from the particular hosts in the logs of the DHCP server? Also best to disable the Smartport feature; review this document:
https://www.cisco.com/c/en/us/support/docs/smb/switches/Cisco-Business-Switching/kmgmt-2797-smartport-best-practices-CBS.html
M.
04-15-2023 04:26 AM
Hi,
When you created the private VLAN, did you assign an IP address to it, or did you create it only in Layer 2?
If you create only a Layer 2 VLAN and this is a private VLAN, I believe the DHCP request will not reach the DHCP service on the switch unless you assign an IP to this VLAN.
04-15-2023 06:03 AM
I do not see any DHCP messages in the switch’s log. The logging level is set to ‘debug’. The Smartport feature is disabled. If I connect a device with a DHCP server to the promiscuous port, the isolated and community hosts can get DHCP addresses from it. The private VLAN works okay except for that DHCP issue with the switch’s internal DHCP server.
The primary VLAN has an SVI set up and the routing is working. Anyways, the DHCP server on those switches works even if they are configured as L2.
04-15-2023 06:41 AM
I am confused. You said:
"Recently, I have created a private VLAN on it which is working okay except for one issue. I cannot get DHCP addresses for isolated or community hosts."
So, do you have an IP address on the private VLAN?
04-15-2023 08:08 AM
>...I do not see any DHCP messages in the switch’s log
The question (also) was whether you see any requests arriving from these hosts in the DHCP server logs.
M.
04-15-2023 08:22 AM - edited 04-15-2023 08:37 AM
The DHCP server log on CBS350? I wish there was one.
04-15-2023 08:32 AM
>...The DHCP server log on CBS350? I wish there was one.
Sorry, I thought you were using an external DHCP server (not on the CBS). Actually, that might be a good thing to try (and/or test): a setup where the DHCP server is 'not local' (so to speak).
M.
04-15-2023 06:55 AM
What do you mean? A private VLAN is actually a group of three types of VLANs, one primary and two secondary (isolated and community). I do not have any issue with the primary one. DHCP is working fine for it. DHCP for the secondary one is the issue and only with the switch's internal DHCP server.
04-15-2023 07:16 AM
Got it. If you have no problem on the primary VLAN, enable DHCP snooping on the primary VLAN; it is propagated to the secondary.
03-28-2024 02:20 PM
@KJK99 Did you find a solution? @Flavio Miranda, enabling DHCP snooping on the primary VLAN did not resolve the issue.
03-28-2024 06:07 PM
After learning more about the Private VLAN concept, I think that it's just not possible to do it at all. A DHCP server for a Private VLAN needs to be part of that VLAN and be connected to a promiscuous port. It cannot be a DHCP server that runs on a switch. The solution was to set up a DHCP server on the NAS that I already had connected to a promiscuous port.