DHCP accross VLANS

jmollenko · ‎08-09-2005

I have 3 VLANS (VLAN10, VLAN20, and VLAN30)and I am using a windows DHCP server running superscopes. The problem I am having is when a user moves from one VLAN to the next, they are getting an IP from the previous VLAN that they were connected to. If the previous VLAN is 10 and they move to VLAN20, they still get an IP on the VLAN10. VLAN10 can not route to VLAN20. Any suggestions on what I can do to fix this?

Georg Pauwen · ‎08-09-2005

Hello,

are you using ip helper addresses on your VLAN or trunk subinterfaces ? Can you post the configuration of your Layer 3 device ?

Regards,

GP

jmollenko · ‎08-10-2005

No, I am not using ip helper. Here are the three vlan configurations on my layer 3 device.

interface Vlan10

ip address XXX.XXX.XXX.X 255.255.255.0

ip directed-broadcast

standby 2 ip XXX.XXX.XXX.X

standby 2 preempt

standby 2 authentication

!

interface Vlan20

ip address XXX.XXX.XXX.X 255.255.255.0

ip directed-broadcast

standby 3 ip XXX.XXX.XXX.1

standby 3 preempt

standby 3 authentication

!

interface Vlan30

ip address XXX.XXX.XXX.X 255.255.255.0

ip directed-broadcast

standby 4 ip XXX.XXX.XXX.X

standby 4 priority 95

standby 4 preempt

standby 4 authentication

Mark Turpin · ‎08-10-2005

Superscopes should only be used when you have secondary addresses configured on your interfaces.

Do not use superscopes for multiple interfaces with one ip address/subnet per interface.

--
-Mark Turpin

jmollenko · ‎08-10-2005

So do you suggest putting a seperate nic card in for each subnet?

rmullis1 · ‎08-11-2005

That would be impossible. I have over 30 subnets represented on my dhcp server.

rmullis1 · ‎08-11-2005

What I have had to do was...

go through and manually delete the dhcp assignment. and in worst case disable the scope it was in then force it to refresh.

make sure you have ip helper on.

As far as the other reply I am not sure how you would do it with out a superscope. Super scope is ness to have more than one ip scope.

Erik Molenaar · ‎08-11-2005

I would in any case try the 'ip helper address' on the vlan interfaces if i were you. This helps to forward the broadcast from your user pc to the DHCP server.

Broadcasts normally do not cross the subnet boundary - the 'ip helper address' feature sends them to the address you specify.

In your case you need this on both layer 3 devices (according to the 'standby'-commands it looks like you have more than one...)

int vlan 10

ip helper-address

...and so on.

On CCO:

One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP), which is defined in RFC 1531. DHCP protocol information is carried inside of BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the router interface closest to the client. The helper address should specify the address of the DHCP server. If you have multiple servers, you can configure one helper address for each server. Because BOOTP packets are forwarded by default, DHCP information can now be forwarded by the router. The DHCP server now receives broadcasts from the DHCP clients.

jmollenko · ‎08-11-2005

I deleted one of the superscopes and re-added it just as a regular scope, then put the ip-helper command in that particular vlan. It seems to have fixed our problem.

Thanks for all of the good advice!

Mark Turpin · ‎08-11-2005

The point is you should have 3 seperate scopes NOT in a superscope.

Do not use superscopes in your configuration. Superscopes should only be used when you have multiple IP addresses on a single interface on your Cisco router/switch.

So if you had:

!

interface Vlan1

ip address 10.1.1.1 255.255.255.0

ip address 10.1.2.1 255.255.255.0 secondary

!

You'd want a single superscope with two scopes inside it for 10.1.1.0/24 and 10.1.2.0/24.

Based upon what you've said, I believe you have this:

!

interface Vlan10

ip address 10.10.10.1 255.255.255.0

ip helper-address your.dhcp.server.ip

!

interface Vlan20

ip address 20.20.20.1 255.255.255.0

ip helper-address your.dhcp.server.ip

!

Now, since you have two different subnets on two different interfaces, you need two separate scopes on your DHCP server - not a superscope.

Hope this helps!

-Mark

--
-Mark Turpin