Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1382
Views
0
Helpful
3
Replies

Adding a seocnd / sub DHCP pool

random260
Level 1
Level 1

ā€Ž07-26-2012 10:33 AM - edited ā€Ž03-07-2019 08:00 AM

We have the configuration below set up in a 3560 switch (addresses and names modified for privacy). We are running out of dynamic IPā€™s in the current pool (6.35.159.0 ā€“ 6.35.159.255). We have a new set of IPā€™s that we can use (6.44.56.0 ā€“ 6.44.57.255 ā€“ an additional 512 addresses). Although I can figure out the commands to add a new dhcp pool, secondary subnet, etc., Iā€™ve never done this before so Iā€™m not sure of everything I need to do. The end result I need is that the 3560 needs to be able to hand out IP addresses from the current and new pool to anything connecting to vlan 300 ā€“ our datanet where computers access the Internet. Can someone take a look at the configuration below and tell me exactly what I need to do as far as modifying the vlan, adding the secondary subnet, defining helper IPā€™s, gateways, whatever, so that computers connecting via vlan 300 have Internet access via either of the pools?  I have been told that all I need to do is create the pool, but not sure if that is correct...

Thanks

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2012.07.12 09:31:53 =~=~=~=~=~=~=~=~=~=~=~=

show running-config

Building configuration...

Current configuration : 5727 bytes

!

! Last configuration change at 14:10:57 UTC Thu May 31 2012 by user1

! NVRAM config last updated at 14:14:46 UTC Thu May 31 2012 by user1

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Business-Core

!

boot-start-marker

boot-end-marker

!

no logging console

enable secret 5 $1$DY7I$MfTqxNyT9H.1pkF9W8E681

!

username userold password 0 funyjoke

username user1 password 0 sunnyvale

!

--More--         !

aaa new-model

!

!

aaa authentication login default local

!

!

!

aaa session-id common

system mtu routing 1500

authentication mac-move permit

no ip subnet-zero

ip routing

ip dhcp excluded-address 6.35.159.1 6.35.159.25

!

ip dhcp pool DHCP_Pool1

   network 6.35.159.0 255.255.255.0

   default-router 6.35.159.1

   dns-server 8.8.8.8 8.8.4.4

   domain-name funnybiz.net

   lease 0 8

!

!

--More--         ip domain-name funnybiz.net

ip name-server 6.35.158.4

!

mls qos

!

!

!

spanning-tree mode rapid-pvst

spanning-tree etherchannel guard misconfig

spanning-tree extend system-id

spanning-tree uplinkfast

spanning-tree backbonefast

spanning-tree vlan 5,200,300,400,738 priority 4096

!

!

!

!

vlan internal allocation policy ascending

!

ip ssh time-out 60

ip ssh authentication-retries 2

ip ssh version 2

!

--More--         !

interface Loopback100

no ip address

!

interface FastEthernet0

no ip address

no ip route-cache cef

no ip route-cache

no ip mroute-cache

shutdown

!

interface GigabitEthernet0/1

no switchport

ip address dhcp

!

interface GigabitEthernet0/2

description datafarm A DNS/DHCP

switchport access vlan 200

switchport mode access

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

--More--         !

interface GigabitEthernet0/5

!

interface GigabitEthernet0/6

!

interface GigabitEthernet0/7

!

interface GigabitEthernet0/8

!

interface GigabitEthernet0/9

!

interface GigabitEthernet0/10

description datafarm A HA

switchport access vlan 200

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/11

description datafarm B HA

switchport access vlan 200

switchport mode access

spanning-tree portfast

!

--More--         interface GigabitEthernet0/12

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 200,300,400

switchport mode trunk

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

description laptop test port

switchport access vlan 300

switchport mode access

spanning-tree portfast

spanning-tree bpdufilter enable

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

switchport access vlan 300

switchport mode access

!

interface GigabitEthernet0/18

--More--         switchport access vlan 300

switchport mode access

!

interface GigabitEthernet0/19

switchport access vlan 200

switchport mode access

shutdown

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

switchport access vlan 300

switchport mode access

!

interface GigabitEthernet0/22

switchport access vlan 200

switchport mode access

!

interface GigabitEthernet0/23

description datafarm B

switchport access vlan 200

switchport mode access

spanning-tree portfast

--More--         !

interface GigabitEthernet0/24

description datafarm A

switchport access vlan 200

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet1/1

description Interface to link 3 Network

no switchport

ip address 7.15.134.62 255.255.255.252

ip access-group 100 in

speed nonegotiate

!

interface GigabitEthernet1/2

speed nonegotiate

!

interface GigabitEthernet1/3

!

interface GigabitEthernet1/4

switchport access vlan 300

switchport mode access

!

--More--         interface TenGigabitEthernet1/1

!

interface TenGigabitEthernet1/2

!

interface Vlan1

no ip address

shutdown

!

interface Vlan200

description CORE IP Network

ip address 6.35.158.1 255.255.255.128

hold-queue 1000 in

!

interface Vlan300

description Access Network

ip address 6.35.159.1 255.255.255.0

ip helper-address 6.35.159.1

no ip redirects

no ip mroute-cache

!

interface Vlan400

ip address 6.35.158.129 255.255.255.128

hold-queue 1000 in

--More--         !

interface Vlan735

no ip address

!

interface Vlan738

description Interface to link 3 Network

no ip address

!

ip classless

ip route 0.0.0.0 0.0.0.0 4.28.134.61

ip route 6.35.158.0 255.255.255.128 Vlan200

ip route 6.35.158.128 255.255.255.128 Vlan400

ip route 6.35.159.0 255.255.255.0 Vlan300

no ip http server

no ip http secure-server

!

ip sla enable reaction-alerts

access-list 100 permit tcp 63.209.193.0 0.0.0.63 6.35.158.128 0.0.0.127 range 5060 5061

access-list 100 permit tcp 63.209.193.0 0.0.0.63 6.35.158.0 0.0.0.127 range 5060 5061

access-list 100 permit udp 63.209.193.0 0.0.0.63 6.35.158.128 0.0.0.127 range 5060 5061

--More--         access-list 100 permit udp 63.209.193.0 0.0.0.63 6.35.158.0 0.0.0.127 range 5060 5061

access-list 100 permit tcp 208.85.134.0 0.0.0.255 6.35.158.128 0.0.0.127 range 5060 5061

access-list 100 permit tcp 208.85.134.0 0.0.0.255 6.35.158.0 0.0.0.127 range 5060 5061

access-list 100 permit udp 208.85.134.0 0.0.0.255 6.35.158.128 0.0.0.127 range 5060 5061

access-list 100 permit udp 208.85.134.0 0.0.0.255 6.35.158.0 0.0.0.127 range 5060 5061

access-list 100 deny   tcp any 6.35.158.128 0.0.0.127 range 5060 5061

access-list 100 deny   tcp any 6.35.158.0 0.0.0.127 range 5060 5061

access-list 100 deny   udp any 6.35.158.128 0.0.0.127 range 5060 5061

access-list 100 deny   udp any 6.35.158.0 0.0.0.127 range 5060 5061

access-list 100 permit ip any any

no cdp run

snmp-server community public RO

!

!

line con 0

line vty 0 4

exec-timeout 60 0

transport input ssh

--More--         line vty 5 15

exec-timeout 60 0

transport input ssh

!

!

monitor session 1 source interface Gi1/1

monitor session 1 destination interface Gi0/16

ntp clock-period 36027429

ntp source GigabitEthernet1/1

ntp server 64.90.182.55

end

Business-Core#exit

Labels:
0 Helpful
3 Replies 3

darren.g
Level 5
Level 5

ā€Ž07-26-2012 07:14 PM 

steven smith wrote:
We have the configuration below set up in a 3560 switch (addresses and names modified for privacy). We are running out of dynamic IPā€™s in the current pool (6.35.159.0 ā€“ 6.35.159.255). We have a new set of IPā€™s that we can use (6.44.56.0 ā€“ 6.44.57.255 ā€“ an additional 512 addresses). Although I can figure out the commands to add a new dhcp pool, secondary subnet, etc., Iā€™ve never done this before so Iā€™m not sure of everything I need to do. The end result I need is that the 3560 needs to be able to hand out IP addresses from the current and new pool to anything connecting to vlan 300 ā€“ our datanet where computers access the Internet. Can someone take a look at the configuration below and tell me exactly what I need to do as far as modifying the vlan, adding the secondary subnet, defining helper IPā€™s, gateways, whatever, so that computers connecting via vlan 300 have Internet access via either of the pools?  I have been told that all I need to do is create the pool, but not sure if that is correct...
Thanks

Steven.

As far as I know, you can't do that. You can't have a DHCP server allocating IP addresses in a completely different subnet for the network involved - and you've specified you want VLAN300 to have allocations from *both* pools.

What you could do is create another VLAN and put your "new" nodes into that VLAN - or spread your ports across VLAN's and move the load into the second pool - call it VLAN 301 and just duplicate your existing configurations for VLAN 300 (changing IP addresses as necessary) - but I don't know of a way to do what you want in one VLAN.

Sorry I can't be more help.

0 Helpful

Sandeep Choudhary
VIP Alumni
VIP Alumni

ā€Ž07-27-2012 01:42 AM

HI Steven,

We vcan not configure  2 diff network on a single dhcp pool.

If you wasnt then you can create 2 shcp pool and then assign the address, it will work

Regards

Please rate if it helps.

0 Helpful

Rick Morris
Level 6
Level 6

ā€Ž07-27-2012 11:42 AM

Here is a DHCP configuration guide to assist you.

http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfdhcp.html

With 2 different subnets you will need 2 different DHCP pools. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card