cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1273
Views
0
Helpful
13
Replies

Please Help for VLAN & DHCP

Vikrant Ambhore
Level 1
Level 1

Hello All friends,


I have a WAN site which uses a Cisco 1861 Router, without wi-fi so I bought a aironet wifi thing for it. I want to setup DHCP & VLAN for Voice & Data,

I did Configuration but it's not working..

Please anyone help me on this question.. thanks

13 Replies 13

Bert Gevers
Cisco Employee
Cisco Employee

Hello Vikrant,

Some further clarification on which exact feature is broken would be helpful here.

Are you able to get IP addresses through DHCP for each vlan?

Are you able to ping vlan 1 and vlan 100 when using a statically assigned IP address on a host?

Have you created the layer 2 vlans on the device?

http://www.cisco.com/en/US/docs/routers/access/1800/1801/software/configuration/guide/dhcpvlan.html#wp999406

Your configuration of Fa0/0 also makes me wonder.  PPPOE is configured on this interface and you are using dot1q subinterfaces.  I would rather expect that only PPPOE or dot1q would be needed there (and most likely, only PPPOE).

Any specific reason for having both setup?

Cheers,

Bert

Hello Bert,

Thanks for your quick reply,

I'm Unable to get IP addresses through DHCP for each vlan, but able to ping vlan 1 and vlan 100 when using a statically assigned IP address on a host.

I want to let you know i'm unsure about PPPOE & dot1q subinterfaces, As it doesn’t have wifi, so I bought a aironet wifi thing for it, when i will done router configuraion i will Attached it..

I want to Setup DHCP LAN-POOL is for All computer, Laptop, Printer & Pool phone is for Cisco Wi-fi IP Phone & wired Cisco IP Phone
so Wi fi phone will connect from Airone, want to setup VOIP & Data in Different Vlan

I hope you undersatnd my sceniario

Regards

Vikrant

Hello Vikrant,

can you verify if the BVI interfaces are up (eg. show int bvi 1 ,  show int bvi 2)?

I believe you are missing the following commands:

bridge 1 protocol ieee

bridge 1 route ip

bridge 2 protocol ieee

bridge 2 route ip

Please do let me know if adding the above 2 commands resolves the issue.

Bert

Thanks for your quick reply,

Please look


Melbourne1861#sh int bvi 1
BVI1 is up, line protocol is up
  Hardware is BVI, address is 0026.0b35.1662 (bia 0026.0b35.1660)
  Internet address is 10.10.10.1/24
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 5000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 02:19:23, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/0 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     6 packets output, 360 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
Melbourne1861#sh int bvi 2
BVI2 is up, line protocol is up
  Hardware is BVI, address is 0000.0cba.d0b8 (bia 0026.0b35.1660)
  Internet address is 192.168.8.1/24
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 5000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 02:20:27, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/0 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     11 packets output, 660 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out

Please suggest now do I need to enter below command

bridge 1 protocol ieee

bridge 1 route ip

bridge 2 protocol ieee

bridge 2 route ip

Regards

Vikrant

Hello Friends,


As per your suggestion I did add

bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip

& it's working fine but have another issue issue i hope you will solve this
I am able to ping computer (192.168.8.11) from BVI 1 & BVI 2 but I am unable to ping 10.10.10.1 from Computer but able to ping 192.168.81

Please help me

Hello Vikrant,

I am glad to hear that DHCP now works.

Can you clarify which exact ping is not working?

If I understand correctly, you are able to ping from a PC with IP address 192.168.8.11 to 192.168.8.1, but you are unable to ping 10.10.10.1.

Is that correct?

I would normally start verifying the following on the PC: IP/Mask, default gateway, ARP table

Additionally, on the router, check the route, ARP and cam table.

If all of this is correct, verify if the router receives the ICMP echo requests from the PC by simply enabling 'debug ip icmp' and performing the failing ping.

Bert

Hello Bert,

You are 100% correct,

Pls look

Melbourne1861#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.10.10.1              -   0026.0b35.1662  ARPA   BVI1
Internet  192.168.8.1             -   0000.0cba.d0b8  ARPA   BVI2
Internet  192.168.8.11           23   0016.e673.a3f7  ARPA   BVI2

System IP got  is 192.168.8.11 & gateway is 192.168.8.1 & Preff DNS is 192.168.8.1

also I attached my whole configuration

Hello Vikrant,

Have you performed the test with the debug as suggested?

This will allow us to tell if either the ICMP request or reply is dropped.

Bert

Sorry for that, I forgeted to mention it, I didn't get anything on router when i entred debug ip ICMP & made ping 10.10.10.1 from computer but got reply that time when i used ping 192.168.8.1

like

elbourne1861#
*Nov  4 08:22:36.366: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:37.366: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:38.370: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:39.370: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:40.374: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:41.374: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:42.378: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:43.378: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:44.382: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11
*Nov  4 08:22:45.382: ICMP: echo reply sent, src 192.168.8.1, dst 192.168.8.11

Hello Vikrant,

this indicates that the ICMP request never makes it to the BVI interface and is dropped somewhere.

First of all, can you delete the 'ip helper-address' configured on vlan 1 and vlan 100.  These should not be required.

Can you check (from the input packets interface counter on the 2821) if the ICMP echo requests are being received by the router ?

Bert

for sure we will not able to ping the 10.10.10.x from network 192.168.8.x this is the main idea of VLANs, i dont think ICMP request are droped some where i think we need to create route or ACL

I'm not expert in CIsco just thinking do you have any idea

Hello Vikrant,

In the setup you currently have, the 2821 would perform inter-vlan routing.

Eg. when pinging from the PC to the 10.10.10.1, the following will take place:


1) PC looks up the route in it's routing table.  As it doesn't have a specific route, it will send the traffic to it's default gateway which is 192.168.8.1 .

2) PC checks if it knowns the MAC address for 192.168.8.1.  If not, it will ARP for it.

3) Once the PC knows the MAC address, it will send the ICMP packet with the following characteristics:

source MAC: PC MAC

dest MAC: 0000.0cba.d0b8

source IP: 192.168.8.11

dest IP: 10.10.10.1

4) This packet will then arrive on BVI2 of the router.  As we configured routing for IP traffic for this bridge group (eg. remember bridge 2 route ip), the router will lookup the destination in it's routing table.

5) It will determine that 10.10.10.1 has a receive adjacency on BVI1 and therefore should accept the packet and send an ICMP response.

So eventhough direct communication is not possible, routed communication should be possible.  In case this would not be desired, we should use any means to prevent this (eg. ACL).

In our case however, it does not appear like the ICMP echo request is seen at step 5.

Therefore, the next step would be to verify that step 3 is performed.  For this, either you can look at the interface counters or perform a sniffer trace.

Would it be required for these vlans to be able to communicate?  (eg. ping from 192.169.8.x to 10.10.10.x should work?)

Bert

Hello Bert,

I am able to ping from interface but unable to ping from system

e.g:

ping ip 10.10.10.1 source BVI1 & 2 also

ping ip 192.168.8.1 source BVI1 & 2 also

but if i try from system that time i'm unable to ping 10.10.10.1