Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DHCP routing between vlans

Status
Not open for further replies.
BiggM2012

BiggM2012

MIS
Aug 10, 2012
2
US
Hi, I need some help, and I thought this would be a good place to start.

First a general layout of what I'm trying to accomplish.

We have a large Cisco 4510R-E
We currently have 13 vlans enabled.

To sum up my question. We currently have a wireless network running on VLAN1.

We control our network by port.

I setup VLAN 13 to setup a GUEST Wireless network.

The problem we are running into is that the VLAN1 ports are using trunkmode so they can see all vlans.

So right now, even though users are pointing at VLAN13, users are still pulling IP Addresses from VLAN3 where our main data network resides.

My plan is to have VLAN13 setup with it's own dhcp pool. My DHCP server for VLAN13 is a Windows Server 2003 SP2 server.

Please let me know if you have any ideas?

I was going to try and use an ACL to block any traffic from the DHCP server on VLAN3 to VLAN13, but so far I've been met with failure.

Thanks,
BiggM
 
Sort by date Sort by votes
Sorry, the other important thing to know is that VLAN3 and VLAN13 should be feeding different DHCP pools. If they are pointing at VLAN3 they should be pointing to the 10.23.168.1 255.255.255.0 DHCP pool. If they are pointing at VLAN13 they should be pulling 10.23.175.65 255.255.255.192 subnet.

Thanks,
BiggM
 
Upvote 0 Downvote
Hi,

My question is why you were try to block dhcp server traffic to vlan 13 ? because if you do so, vlan 13 never get assigned ip address from dhcp server pool.

Things you need to do is, create separate pool at dhcp server, and don't forget to define each pool with router option same as interface vlan ip address for each vlan.

On cisco switched input ip helper-address {dhcp server ip address} on each interface vlan.


it should works, hope it helps.
 
Upvote 0 Downvote
Hi,

==> The problem we are running into is that the VLAN1 ports are using trunkmode so they can see all vlans.

For your trunk ports use the "Switchport Trunk Allowed Vlan [vlan]" command to only allow certain vlans across the trunk.


Are your other 12 vlans getting the correct IP addresses/subnets from the dhcp server?


Also, as a best practice, move your wireless network off of Vlan 1 and then shutdown Vlan 1.


Stubnski
 
Upvote 0 Downvote
even though users are pointing at VLAN13, users are still pulling IP Addresses from VLAN3 where our main data network resides. "

So you have hosts patched to switchports that are configured as Access ports in VLAN13?

You should have an IP helper address on the VLAN13 interface which points at your DHCP server.
Your DHCP server is on a host which is patched to an Access port in VLAN3? Or VLAN1?
Your DHCP server should have a scope configured on it with the VLAN13 Interface IP address as the Router Address.

And all should work fine.

If it doesn't work fine, please describe with precision your physical and logical configuration - "users pointing at VLAN13...pulling IP Addresses from VLAN3" isn't very meaningful. Use a cut & paste of switch configs where possible.
 
Upvote 0 Downvote
As per what vince has said, you should have the VLAN interface configured and within that config should be the required helper address.
 
Upvote 0 Downvote
hi all

i have a port that keeps going into err-disabled mode and shutdown. i configured err-disabled recovery on the switch but the port still doesn't get back up. below is a log results and err-disabled configuration

Aug 29 07:09:20.628: %PM-4-ERR_DISABLE: link-flap error detected on Gi0/42, putting Gi0/42 in err-disable state
Aug 29 07:09:45.517: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/35, changed state to down
Aug 29 07:09:50.626: %PM-4-ERR_RECOVER: Attempting to recover from link-flap err-disable state on Gi0/42
Aug 29 07:10:19.835: %PM-4-ERR_DISABLE: link-flap error detected on Gi0/42, putting Gi0/42 in err-disable state
Aug 29 07:10:49.833: %PM-4-ERR_RECOVER: Attempting to recover from link-flap err-disable state on Gi0/42
Aug 29 07:13:59.122: %PM-4-ERR_DISABLE: link-flap error detected on Gi0/42, putting Gi0/42 in err-disable state
Aug 29 07:14:29.120: %PM-4-ERR_RECOVER: Attempting to recover from link-flap err-disable state on Gi0/42

ErrDisable Reason Timer Status
----------------- --------------
bpduguard Enabled
channel-misconfig Enabled
dhcp-rate-limit Enabled
dtp-flap Enabled
gbic-invalid Enabled
inline-power Enabled
link-flap Enabled
mac-limit Enabled
loopback Enabled
pagp-flap Enabled
port-mode-failure Enabled
psecure-violation Enabled
security-violation Enabled
sfp-config-mismatch Enabled
small-frame Enabled
storm-control Enabled
udld Enabled
vmps Enabled

Timer interval: 30 seconds

Interfaces that will be enabled at the next timeout:
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Pankaj88
  • Locked
  • Question
BGP Routing Clarification
Replies
0
Views
109
Pankaj88
Pankaj88
mikey789
  • Locked
  • Question
Can 4000-M Routing VLANs ?
Replies
0
Views
70
mikey789
mikey789
bmiller23
  • Locked
  • Question
Issues Between Cisco Network & NVT Phybridge POLRE 8 Port Extender
Replies
13
Views
260
VinceWhirlwind
VinceWhirlwind
paramjotsingh
  • Locked
  • Question
InterVALN Routing in Switch 3850
Replies
4
Views
110
paramjotsingh
paramjotsingh
jmkelly
  • Locked
  • Question
Dynamic routing protocols for catalyst 3850 switches
Replies
4
Views
195
ADB100
ADB100

Part and Inventory Search

Sponsor

Back
Top