cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

4253
Views
0
Helpful
8
Replies
Highlighted
Beginner

Multiple-VLANs, single DHCP server

So I'm not quite sure what's wrong here. I have a switch which runs two VLANs, one trusted (50), one untrusted (55) and has ports dedicated to each. Both VLANs use a single DHCP server, homed on the trusted (50) VLAN. On my wireless setup this works seamlessly, however, on some untrusted ports I'm pulling trusted IPs. See relevant code below:

interface GigabitEthernet0/45

description Student_Uplinks

switchport access vlan 55

spanning-tree portfast

!

interface GigabitEthernet0/46

description Student_Uplinks

switchport access vlan 55

!

interface GigabitEthernet0/47

description Student_Uplinks

switchport access vlan 55

spanning-tree portfast

!

interface GigabitEthernet0/48

description Student_Uplinks

switchport access vlan 55

!

interface Vlan1

no ip address

shutdown

!

interface Vlan50

ip address 10.50.50.7 255.255.255.0

!

interface Vlan51

no ip address

!

interface Vlan55

no ip address

ip helper-address 10.50.50.31

!

ip default-gateway 10.50.50.4

So 10.50.50.31 is the (Windows) DHCP server for both VLANs, but for some reason, some of the untrusted (55) ports are pulling trusted (50) addresses and I can't sort it out. The next hop (10.50.50.4) is an ASA which knows 55 is untrusted (security of 50 versus trusted's 100), but doesn't seem to be working properly...

8 REPLIES 8
VIP Advisor

Re: Multiple-VLANs, single DHCP server

Hello

Are you saying you dont wont hosts in vlan 55 to receive dhcp requests? - If so remove the ip helper address from SVI 55 as this is relaying requests too the dhcp server?

interface Vlan55

no ip helper-address 10.50.50.31

Please don't forget to rate any posts that have been helpful.

Thanks.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Beginner

Multiple-VLANs, single DHCP server

No, I do want them to receive requests, but on VLAN 55, which is where they're sourcing from, so I'd think they'd get a response on that VLAN. The only thing is that the DHCP server is on the trusted vlan (50), so for whatever reason it appears to be giving out VLAN 50 addresses to devices on VLAN 55.

VIP Advisor

Multiple-VLANs, single DHCP server

Hello,

Have you checked the windows dhcp scopes ranges

res

paul

Please don't forget to rate any posts that have been helpful.

Thanks.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Beginner

Multiple-VLANs, single DHCP server

Yes, I have checked the DHCP scope ranges-they work fine on wireless...

VIP Advisor

Re: Multiple-VLANs, single DHCP server

Hello,

What is the subnet range of those scopes you ae showing-

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Beginner

Multiple-VLANs, single DHCP server

10.50.50.0/24, 10.50.54.0/23

VIP Advisor

Multiple-VLANs, single DHCP server

Hello Ryan -

We can setup  some debugs to try and capture whats going on

But first Is it possible?

You could  a rouge dhcp server.

Do you have a wlc ( wlan controller)  could that be be relaying for that subnet?

res

paul

Please don't forget to rate any posts that have been helpful.

Thanks.



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Frequent Contributor

Multiple-VLANs, single DHCP server

Setup an SVI for VLAN 55 with an IP address please in that VLAN and leave the ip helper command and retry.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards