11-29-2013 07:33 AM - edited 03-07-2019 04:51 PM
HI all !
End user has a WS-C3560G-48TS-S with c3560-ipbase-mz.122-50.SE5 as switch CORE where intervlan routing is set.
A windows DHCP server with 3 scopes has been configured and is conected to port 8 in switch core.
At the beginning all user and server were in vlan 1 (172.16.30.X) then end user requested to separate network segment;new vlan were set for servers, user, wlans user. In windows DHCP server were defined new scopes for 172.16.33.X, 172.16.35.X
When I try to moved user to 17.16.33. X or 172.16.35.X ( previously the switch port are configured in new vlan)they don´t get
ip address of new segment, some time receive ip address (169.x.x.x) , other times the original segment 172.16.30.X.
just in few times new segments are assigned correctly to ports.
My doubt is,
is there something left in switch's configuracion?
the switch's port where windows DHCP server is connected required an special config?
maybe something wrong in configuration with windows DHCP server (I checked that new scopes are set and active)?
any suggestion for this issue?
thanks in advance for your help
*****************************************************************
ip routing
!
interface Vlan300
description SERVER
ip address 172.16.30.30 255.255.255.0
ip helper-address 172.16.30.1
!
interface Vlan320
description Mgmt
ip address 172.16.32.254 255.255.255.0
!
interface Vlan330
description Users
ip address 172.16.33.253 255.255.255.0
ip helper-address 172.16.30.1
interface Vlan350
description WLAN_Users
ip address 172.16.35.253 255.255.255.0
ip helper-address 172.16.30.1
interface GigabitEthernet0/8
description SERVER DHCP
switchport mode access
switchport access vlan 300
interface GigabitEthernet0/X
description users
switchport mode access
switchport access vlan 330
interface GigabitEthernet0/X
description users
switchport mode access
switchport access vlan 350
12-02-2013 04:11 PM
Hi Jon,
I reproduce a similar scenario as end user has. After doing DHCP debugging on access switch I notice that vlans did not pass through trunk with sw core, even though it looks trunk were UP.
Finally I could set the trunk UP and verify that vlans can go through the trunks. I set differents ports in differents VLANs and I connected my lap to those differents ports; laps received ip address from differents vlan without any problem. I did not need to force to release ip address.
It was a simple detail that was about to make me crazy....
thanks for your time
regards
12-02-2013 04:13 PM
No problem, glad you got it sorted and thanks for letting us know the solution.
Jon
11-29-2013 09:42 PM
I think the problem could be with Ip address helper.
Sent from Cisco Technical Support Android App
12-01-2013 08:16 PM
HI luke,
the ip address is correct, there is only one DHCP server.
regards
12-01-2013 09:34 PM
Hi,
As per the above config,you should be able to ping all ip address of the vlans in your core switch(L3 Switch).Verify once.
After verifying,you do the following in your DHCP Server.
Go to Command prompt,Type
route add vlan address mask IPV4 Subnet Mask Core switch address(where you have created Vlans) -p(persistant Route)
Eg route add 172.18.0.0 mask 255.255.0.0 172.16.1.1 -p
Once the vlan traffic is generated and it is sent to l3 switch or for the default gateway.
If the gateway is firewall and if their is no ploicy defined for that,then packet gets lost.
If the gateway is L3 or core switch,the packet will be delivered to dhcp server,but the dhcp server will send to default gateway.
By adding this command,we are defining return path for the traffic,rather than traffic flowing through default gateway of that vlan.
After adding persistant route,Your DHCP Server will be able to ping all vlans.
Regards,
Guru
12-01-2013 10:41 PM
Hi,
Put your user subnet,user subnet mask and your server vlan gateway (which is in core switch) to the route.
Regards,
Guru
12-02-2013 11:46 AM
Hi,
Check the ports connected between the Multilayer switch and the access switches and make sure that they are trunk ports and VLANs are allowed on the trunk and the PCs are connected to access ports with corresponding access VLANs.
P.S there is no need to ip helper-address on the interface VLAN 300 where the DHCP exists.
Regards,
Khaled Omar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide