How to configure DHCP option 249

suelange · ‎08-12-2011

Can anyone give me a syntaxto set this on a Cisco switch? I've searched and searched, I keep coming up with general options for DHCP.

here's what I'm facing: I have a 2960G divided into 4 vlans. This is because I have to set up a network in a small town where the best I can get is 2 MB down and 512K up so I'm brining in multiple providers and putting groups of folks on individual 'networks'. For the most part that will work; each vlan gets for it's default gateway the address of the cable modem assigned to their vlan.

However from time to time a user on vlan1 may need to get to something in vlan2 , 3, or 4, for example a printer over there. When that happens I dont want to have to route the traffic out the switch, to the cable modem and back into the switch. That seems stupid when all I need to do is hop that traffic across the switch to the printer in the neighbor vlan.

So, I need to push static routes to the workstation that point them to the vlan interface on the switch for their network, when the traffic is bound for another network on the switch.

I tried option 33 but it results in a route on the windows workstation with a 32 bit mask. This is useless. I need to be able to be able to have DHCP install an entire route including network, mask, and next hop. How do I do this?

Failing that, I can point each workstation's default route to the vlan they are connected to. The switch would then have the routes to route traffic to and from vlans without hitting the cable modems first. However at that point, I'm beholden to the default route on the switch to route traffic to the internet. I can specifiy multiple default gateways but only one can be active at a time, meaning all my internet traffic could go out only one of the providers. That's never going to work with the high volume of traffic and low volume of bandwidth.

thoughts?

andtoth · ‎08-13-2011

Hi,

If you are already using IP routing on the switch (possible with 2960 switches running at least version 12.2(55)SE) by using VLAN interfaces, you only need to set the switch as a default gateway (default router) in the DHCP pool. Then the switch will perform inter-vlan routing and send packets to the appropriate vlan (subnet) based on the destination IP address and its own IP routing table.

Please refer to the following link for more details and examples on configuring IP routing on 2960 switches:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swipstatrout.html

Best regards,

Andras

suelange · ‎08-17-2011

Andras, Thank you. I must be missing something however. The switch itself can only have one default gateway. Granted each DHCP pool can give out a different IP address for the default gateway to each workstation, in this case the IP address of the vlan that the dhcp pool is servicing.

But when the user needs to get to the internet, there can be only one default gateway that the switch uses to get there. That's the problem. I have 4 providers coming in so that I can get enough bandwidth...

I will keep looking at this, as I say maybe I missed something but, my problem is I need to divide internet traffic among 4 providers.

cadet alain · ‎08-17-2011

Hi,

your hosts must have their default-gateway in their own subnet which is the ip address of the vlan interface for that subnet.The switch when doing inter vlan routing between vlan interface will route the traffic.

The ip default-gateway of the switch is for management from a subnet outside the management vlan but if you enable ip routing it won't be used anymore,you'll have to replace it by a static route.

Regards.

Alain.

Don't forget to rate helpful posts.

andtoth · ‎08-17-2011

Hi,

The hosts will have to point their default gateway address to the switch's SVI (vlan interface). Each host to the SVI respective to its vlan.

The switch itself can have multiple (up to 16 on a 2960) static IP routes, which can be a default route. If you have multiple default routes with equal cost (metric), the switch will load-balance between them. Please note however that for this to work you will need provider-independent IP addresses (called PI IP address) otherwise you won't be able to use the address given by provider X on provider Y's network.

Additionally, if you are using private addressing and need to rely on NAT, you will need to get a device, e.g. a router which can perform NAT function because the 2960 switch is not capable of doing that. If this is the case, then it's rather the router who can perform DHCP function (or a separate DHCP server which will assign your router as the default router in the DHCP pool) and the 2960 could be used as a Layer-2 switch with multiple vlans in a router-on-a-stick fashion for instance.

Please don't forget to rate posts if you find them helpful and to mark the post answered if your question is resolved.

Best regards,

Andras

andtoth · ‎08-18-2011

Hi,

In order to use IP routing on the 2960 switch, you will need to change the SDM (Switching Database Manager) template to LAN base routing then save config and reload the switch before you can enable it with 'ip routing' command. Please refer to the following link for more information about this:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_58_se/configuration/guide/swsdm.html

Best regards,

Andras

suelange · ‎08-18-2011

Yes, I found that in the document and did that already. It works in that it does route between the vlans. I was half way through a post reguarding that question when I found the info and so I thought I'd cancelled the post but I guess not.

What doesn't work is being able to direct different hosts out different internet providers by use of multiple default gateways.

I had red earlier that if you have multiple default gateways with equal metrics it will use the first one. This is the case. I have 4 default gateways in there, each able to carry traffic to a provider. The only one that ever gets used for traffic outside the 4 vlans defined on the switch is the first one.

So now I'm back to the start. I can set each DHCP pools' default gateway to the router of choice. That works. If a user needs a printer in their vlan, the traffic stays local to the vlan. If they need to get to internet it goes out their assigned router. BUT if they need to access something on another vlan, it has to leave the switch, jump to the router where I have to put in static routes, and then come back to the switch on the vlan interface to be transfered to another vlan. This is sub-optimal. It certainly isn't the normal pattern for traffic and shouldn't happen often but...I'd rather it didn't happen at all.

Is there a command that would cause it to use the 4 default gateways in a load balanced fashion?

The best answer would be if I could get windows workstations to accept a network router from DHCP for the 192.168.0.0/16 network. But alas option 33 only lets me put in a host id with 32 bit mask. And MAC workstations totally ignore the option 33 values. So I'm kind of toasted still.

suelange · ‎08-18-2011

wait a minute...what I may need is option 121...standby for testing results...

andtoth · ‎08-18-2011

Hi,

Not sure, maybe equal cost multipathing (load-balancing) is not supported with 2960 switches as they are designed for basic IP routing and not for loadbalancing over several links.

When you add the 4 static routes, check with 'sh ip route' to see how they are added and which one is used. Also keep in mind that it will be a destination based load sharing, so for one single destination, the switch will always use the same route (provider).

Best regards,

Andras