Solved: Wake On LAN setup with 3650's and 3750's

Christopher455 · ‎01-31-2012

I do appologize up front as I'm not fluent in Cisco CLI commands:

I've read the document (Document ID: 91672) on setting up WoL, but I had a few questions as this doesn't completely fit our situation.

We have 4 3560 switches, 3 have only access to vlan 1, SW4 has access to vlan 1 and vlan 2, every switch is connected by fiber to a 3750.

We want to enable every server/PC on vlan 2 to allow WoL packets to all PC's on the internal network (so WoL through all 5 switches). In the above document, it allows WoL to be executed only from a single IP/Server, is it possible to allow an entire vlan to execute WoL? or allow multiple IP's to execute WoL?

Also, in the switch configuration it says to type

"switchport mode access"

"switchport access vlan4"

"spanning-tree portfast"

We do not use STP and is disabled, is portfast required for WoL use? if Port Fast is disabled by default, could this also be blocking a WoL packet from vlan2 to vlan1 on the same switch?

Thanks in advanced for any help.

Richard Burts · ‎01-31-2012

Chris

Yes it is possible to allow an entire vlan to execute WOL or to allow multiple IPs.

No disabling portfast would not block WOL. portfast allows a connected device (like a PC) to get to the forwarding state more quickly. And it has no real effect on WOL.

If the WOL is being blocked it is much more likely that it is being blocked by the default action of not forwarding broadcasts between vlans/between subnets.

I am not sure which document you are referring to, but here is my quick summary of the simple way to enable WOL:

- on the layer 3 vlan interface where the WOL packets will be received (vlan 2) configure ip helper-address with the broadcast address of the subnet in vlan 1. This will forward WOL packets to the broadcast address of the other subnet.

- on any layer 3 vlan interface for vlan 1 configure ip directed-broadcast. This will allow forwarding of directed broadcasts (which is disabled by default).

Those are the only 2 things required. There are some other things that you may need to do depending on things in your network. You may need to configure ip forward-protocol to define the port number used for WOL packets.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎01-31-2012

Chris

Yes it is possible to allow an entire vlan to execute WOL or to allow multiple IPs.

No disabling portfast would not block WOL. portfast allows a connected device (like a PC) to get to the forwarding state more quickly. And it has no real effect on WOL.

If the WOL is being blocked it is much more likely that it is being blocked by the default action of not forwarding broadcasts between vlans/between subnets.

I am not sure which document you are referring to, but here is my quick summary of the simple way to enable WOL:

- on the layer 3 vlan interface where the WOL packets will be received (vlan 2) configure ip helper-address with the broadcast address of the subnet in vlan 1. This will forward WOL packets to the broadcast address of the other subnet.

- on any layer 3 vlan interface for vlan 1 configure ip directed-broadcast. This will allow forwarding of directed broadcasts (which is disabled by default).

Those are the only 2 things required. There are some other things that you may need to do depending on things in your network. You may need to configure ip forward-protocol to define the port number used for WOL packets.

HTH

Rick

HTH

Rick

Christopher455 · ‎01-31-2012

The document I found can be found here:

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_example09186a008084b55c.shtml

Thank you for answering Rick, that is really helpfull and makes it sound a lot easier.

Which leaves really only one question, which is about the 3560 switch blocking WoL. Here is whats happening:

PC1 on vlan2 connected to a 3560, call it SW1

PC2 on vlan1 connected to SW1

Sending a WoL packet from PC1 to PC2 works only intermittently, it has worked, but rarely.

So my question, since different vlans are on SW1, does communication from PC1 go through SW1 to the 3750 Core switch, and then back to SW1 and then to PC2? or does the SW1 (the 3560) handle the communication in vlans connected to it?

I'm trying to get an idea of what is blocking WoL between PC's connected to the same 3560 switch but on different vlans, because I can take PC1 and just a retail 4 port switch and connect it to PC2 (creating its own two PC network) and have WoL work every time.

Christopher455 · ‎02-01-2012

Ok, I had a really good look at our switch config and the 3560's are not set to do any routing, so all communication between vlans is going through the 3750 switch. I'll change the config for the vlan interfaces on the 3750 and see how that goes.

Thanks for your help Rick, much appreciated.

Richard Burts · ‎02-01-2012

Chris

I am glad that it is now more obvious that WOL between VLANs must go through a layer 3 interface (the 3750 for you I believe).

I am curious about this from one of your posts:

Sending a WoL packet from PC1 to PC2 works only intermittently, it has worked, but rarely.

If the PCs are in different VLANs then I am puzzled how it would ever work.

When you get the changes made post back to the forum with your results.

HTH

Rick

HTH

Rick

Christopher455 · ‎02-14-2012

I made the changes in a test environment (single 3560 and 3750) which were loaded with the exact configs of the production switches.

Made the following changes on the 3750

access-list 101 permit udp host 192.168.1.145 any eq 7

ip forward protocol udp 7

vlan1

ip helper address to my PC (1.145)

ip directed-broadcast 101

vlan2

ip helper-address (vlan 2 gateway) tried with and without this setting

downloaded EMCO and Solarwinds WoL utilities. Also installed wireshark on the WoL sending PC and on a PC connected to vlan1.

verified WoL was set in the BIOS and allowed the NIC to turn the PC on from standby setting in windows.

PC's are powered off with active NIC connections.

Broadcast packets are sent from vlan2 and received on vlan1, broadcast IP 255.255.255.255 is the destination.

WoL still barely works (it turned on 1 PC 2 times out of 30-40 attempts). The subnet mask of vlan 1 is 255.255.240.0 and I did try setting the WoL software to use directed broadcast with that subnet.

Wireshark on vlan2 shows the unicast WoL packet directly to the IP's of the PC's to get turned on, and also another packet to the broadcast address for the subnet, 172.20.15.255

Wireshark on a PC in vlan1 show the broadcast ARP request for the IP's to get turned on, and another packet for the ECHO request to 255.255.255.255

So the setting changes did work, the WoL packets are now getting to the vlan, but nothing is getting turned on.

To reply to your question:

"If the PCs are in different VLANs then I am puzzled how it would ever work."

That makes two of us. Theres no way it should have worked unless it was using unicast and sending the WoL packet directly to the PC's IP address and not use a broadcast, but then that doesn't explain why WoL doesn't work for the rest of the PC's...

Richard Burts · ‎02-14-2012

Chris

If wireshark is showing that the WOL packets are being forwarded into the VLAN then from a networking perspective it is working. If some PCs do not respond or respond erratically then it might be some issue with the PC or with the way that some WOL is interpreted (or ignored) by the pc. But it is not a networking problem.

HTH

Rick

HTH

Rick