How to Block DHCP Broadcast on VLAN

redrain12 · ‎11-30-2012

Hello,

PC1 sending DCHP Request to DHCP server on network 192.168.10.10. Layer 3 Distribution Switch (Mulilayer Switch 3) send same broadcast to 192.168.1.10 and on port Fa0/2 to Layer 2 Switch. When Layer 2 device recives that brodcast then Layer 2 device send same brodcast again to F0/2 then Distribution Switch forward that brodcast to DHCP server second time.

Fa0/2 is a switchport for VALN 20. I'm trying to apply ACL on VLAN 20 but its not working.

Even I tried on VLAN 20 both in/out

access-list 102 deny ip any any

but still L2 receiving the brodcast. How to stop broadcast on Vlan 20?

cadet alain · ‎11-30-2012

Hi,

your dhcp server is on a different network than the client PC, right? then configure ip helper-address x.x.x.x under the corresponding interface vlan with x.x.x.x being the ip address of the dhcp server.

Make sure all L3 devices have routes to dhcp server and to client subnet and that dhcp server has a route to client subnet.

Regards.

Alain

Don't forget to rate helpful posts.

redrain12 · ‎11-30-2012

Dear Alain

Yes my DHCP server on VLAN 10. If PC0 on Vlan 20 send DHCP request to Layer 3 Switch (Fa0/2 Trunk Switchport) then PC0 gets the IP from DHCP server. In the network diagram everything is conected and working fine.

When PC1 on VLAN 21 sends DHCP brodcast to Layer 3 switch then Layer 3 switch forward that broadcast to VLAN 20 and also towards DHCP server. I want to know how to stop Layer 3 switch to forward any DHCP broadcast request to its own VLANs through access-list.

thanks

cadet alain · ‎11-30-2012

Hi,

Can you post configs of L2 and L3 on the left portion of your diagram

Regards.

Alain

Don't forget to rate helpful posts.