We have the configuration below set up in a 3560 switch. We are running out of dynamic IP’s in the current pool (6.35.159.0 – 6.35.159.255). We have a new set of IP’s that we can use (6.44.56.0 – 6.44.57.255 – an additional 512 addresses). Although I can figure out the commands to add a new dhcp pool, secondary subnet, etc., I’ve never done this before so I’m not sure of everything I need to do. The end result I need is that the 3560 needs to be able to hand out IP addresses from the current and new pool to anything connecting to vlan 300 – our datanet where computers access the Internet. Can someone take a look at the configuration below and tell me exactly what I need to do as far as modifying the vlan, adding the secondary subnet, defining helper IP’s, gateways, whatever, so that computers connecting via vlan 300 have Internet access via either of the pools?
Thanks
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2012.07.12 09:31:53 =~=~=~=~=~=~=~=~=~=~=~=
show running-config
Building configuration...
Current configuration : 5727 bytes
!
! Last configuration change at 14:10:57 UTC Thu May 31 2012 by user1
! NVRAM config last updated at 14:14:46 UTC Thu May 31 2012 by user1
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Business-Core
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$DY7I$MfTqxNyT9H.1pkF9W8E681
!
username userold password 0 funyjoke
username user1 password 0 sunnyvale
!
--More-- !
aaa new-model
!
!
aaa authentication login default local
!
!
!
aaa session-id common
system mtu routing 1500
authentication mac-move permit
no ip subnet-zero
ip routing
ip dhcp excluded-address 6.35.159.1 6.35.159.25
!
ip dhcp pool DHCP_Pool1
network 6.35.159.0 255.255.255.0
default-router 6.35.159.1
dns-server 8.8.8.8 8.8.4.4
domain-name funnybiz.net
lease 0 8
!
!
--More-- ip domain-name funnybiz.net
ip name-server 6.35.158.4
!
mls qos
!
!
!
spanning-tree mode rapid-pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
spanning-tree vlan 5,200,300,400,738 priority 4096
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
--More-- !
interface Loopback100
no ip address
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
shutdown
!
interface GigabitEthernet0/1
no switchport
ip address dhcp
!
interface GigabitEthernet0/2
description datafarm A DNS/DHCP
switchport access vlan 200
switchport mode access
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
--More-- !
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
description datafarm A HA
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/11
description datafarm B HA
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
--More-- interface GigabitEthernet0/12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200,300,400
switchport mode trunk
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
description laptop test port
switchport access vlan 300
switchport mode access
spanning-tree portfast
spanning-tree bpdufilter enable
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
switchport access vlan 300
switchport mode access
!
interface GigabitEthernet0/18
--More-- switchport access vlan 300
switchport mode access
!
interface GigabitEthernet0/19
switchport access vlan 200
switchport mode access
shutdown
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
switchport access vlan 300
switchport mode access
!
interface GigabitEthernet0/22
switchport access vlan 200
switchport mode access
!
interface GigabitEthernet0/23
description datafarm B
switchport access vlan 200
switchport mode access
spanning-tree portfast
--More-- !
interface GigabitEthernet0/24
description datafarm A
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/1
description Interface to link 3 Network
no switchport
ip address 7.15.134.62 255.255.255.252
ip access-group 100 in
speed nonegotiate
!
interface GigabitEthernet1/2
speed nonegotiate
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
switchport access vlan 300
switchport mode access
!
--More-- interface TenGigabitEthernet1/1
!
interface TenGigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan200
description CORE IP Network
ip address 6.35.158.1 255.255.255.128
hold-queue 1000 in
!
interface Vlan300
description Access Network
ip address 6.35.159.1 255.255.255.0
ip helper-address 6.35.159.1
no ip redirects
no ip mroute-cache
!
interface Vlan400
ip address 6.35.158.129 255.255.255.128
hold-queue 1000 in
--More-- !
interface Vlan735
no ip address
!
interface Vlan738
description Interface to link 3 Network
no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 4.28.134.61
ip route 6.35.158.0 255.255.255.128 Vlan200
ip route 6.35.158.128 255.255.255.128 Vlan400
ip route 6.35.159.0 255.255.255.0 Vlan300
no ip http server
no ip http secure-server
!
ip sla enable reaction-alerts
access-list 100 permit tcp 63.209.193.0 0.0.0.63 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 permit tcp 63.209.193.0 0.0.0.63 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit udp 63.209.193.0 0.0.0.63 6.35.158.128 0.0.0.127 range 5060 5061
--More-- access-list 100 permit udp 63.209.193.0 0.0.0.63 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit tcp 208.85.134.0 0.0.0.255 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 permit tcp 208.85.134.0 0.0.0.255 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit udp 208.85.134.0 0.0.0.255 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 permit udp 208.85.134.0 0.0.0.255 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 deny tcp any 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 deny tcp any 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 deny udp any 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 deny udp any 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit ip any any
no cdp run
snmp-server community public RO
!
!
line con 0
line vty 0 4
exec-timeout 60 0
transport input ssh
--More-- line vty 5 15
exec-timeout 60 0
transport input ssh
!
!
monitor session 1 source interface Gi1/1
monitor session 1 destination interface Gi0/16
ntp clock-period 36027429
ntp source GigabitEthernet1/1
ntp server 64.90.182.55
end
Business-Core#exit
Thanks
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2012.07.12 09:31:53 =~=~=~=~=~=~=~=~=~=~=~=
show running-config
Building configuration...
Current configuration : 5727 bytes
!
! Last configuration change at 14:10:57 UTC Thu May 31 2012 by user1
! NVRAM config last updated at 14:14:46 UTC Thu May 31 2012 by user1
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Business-Core
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$DY7I$MfTqxNyT9H.1pkF9W8E681
!
username userold password 0 funyjoke
username user1 password 0 sunnyvale
!
--More-- !
aaa new-model
!
!
aaa authentication login default local
!
!
!
aaa session-id common
system mtu routing 1500
authentication mac-move permit
no ip subnet-zero
ip routing
ip dhcp excluded-address 6.35.159.1 6.35.159.25
!
ip dhcp pool DHCP_Pool1
network 6.35.159.0 255.255.255.0
default-router 6.35.159.1
dns-server 8.8.8.8 8.8.4.4
domain-name funnybiz.net
lease 0 8
!
!
--More-- ip domain-name funnybiz.net
ip name-server 6.35.158.4
!
mls qos
!
!
!
spanning-tree mode rapid-pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
spanning-tree vlan 5,200,300,400,738 priority 4096
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
!
--More-- !
interface Loopback100
no ip address
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
shutdown
!
interface GigabitEthernet0/1
no switchport
ip address dhcp
!
interface GigabitEthernet0/2
description datafarm A DNS/DHCP
switchport access vlan 200
switchport mode access
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
--More-- !
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
description datafarm A HA
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/11
description datafarm B HA
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
--More-- interface GigabitEthernet0/12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200,300,400
switchport mode trunk
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
description laptop test port
switchport access vlan 300
switchport mode access
spanning-tree portfast
spanning-tree bpdufilter enable
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
switchport access vlan 300
switchport mode access
!
interface GigabitEthernet0/18
--More-- switchport access vlan 300
switchport mode access
!
interface GigabitEthernet0/19
switchport access vlan 200
switchport mode access
shutdown
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
switchport access vlan 300
switchport mode access
!
interface GigabitEthernet0/22
switchport access vlan 200
switchport mode access
!
interface GigabitEthernet0/23
description datafarm B
switchport access vlan 200
switchport mode access
spanning-tree portfast
--More-- !
interface GigabitEthernet0/24
description datafarm A
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/1
description Interface to link 3 Network
no switchport
ip address 7.15.134.62 255.255.255.252
ip access-group 100 in
speed nonegotiate
!
interface GigabitEthernet1/2
speed nonegotiate
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
switchport access vlan 300
switchport mode access
!
--More-- interface TenGigabitEthernet1/1
!
interface TenGigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan200
description CORE IP Network
ip address 6.35.158.1 255.255.255.128
hold-queue 1000 in
!
interface Vlan300
description Access Network
ip address 6.35.159.1 255.255.255.0
ip helper-address 6.35.159.1
no ip redirects
no ip mroute-cache
!
interface Vlan400
ip address 6.35.158.129 255.255.255.128
hold-queue 1000 in
--More-- !
interface Vlan735
no ip address
!
interface Vlan738
description Interface to link 3 Network
no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 4.28.134.61
ip route 6.35.158.0 255.255.255.128 Vlan200
ip route 6.35.158.128 255.255.255.128 Vlan400
ip route 6.35.159.0 255.255.255.0 Vlan300
no ip http server
no ip http secure-server
!
ip sla enable reaction-alerts
access-list 100 permit tcp 63.209.193.0 0.0.0.63 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 permit tcp 63.209.193.0 0.0.0.63 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit udp 63.209.193.0 0.0.0.63 6.35.158.128 0.0.0.127 range 5060 5061
--More-- access-list 100 permit udp 63.209.193.0 0.0.0.63 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit tcp 208.85.134.0 0.0.0.255 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 permit tcp 208.85.134.0 0.0.0.255 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit udp 208.85.134.0 0.0.0.255 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 permit udp 208.85.134.0 0.0.0.255 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 deny tcp any 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 deny tcp any 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 deny udp any 6.35.158.128 0.0.0.127 range 5060 5061
access-list 100 deny udp any 6.35.158.0 0.0.0.127 range 5060 5061
access-list 100 permit ip any any
no cdp run
snmp-server community public RO
!
!
line con 0
line vty 0 4
exec-timeout 60 0
transport input ssh
--More-- line vty 5 15
exec-timeout 60 0
transport input ssh
!
!
monitor session 1 source interface Gi1/1
monitor session 1 destination interface Gi0/16
ntp clock-period 36027429
ntp source GigabitEthernet1/1
ntp server 64.90.182.55
end
Business-Core#exit
