DHCP Server with VLANs

malcybood

I've setup intervlan routing on my home lab successfully where I can ping/telnet between VLANs having set static IP addresses on my hosts.

I have assigned the following:

Vlan 1 - 223.8.151.0 /248 Fa0.1
Vlan 10 - 223.8.151.8 /248 Fa0.2 with one host
Vlan 20 - 223.8.151.16 /248 Fa0.3 Win 2k3 DHCP server 223.8.151.18 (static)

I have tried assing the ip helper-address 223.8.151.18 on int fa0.2, fa0.3 and Fa0 none of which seem to work.

When I take the Vlan's out of the equation and set the interface up with no sub-if's and on the same subnet as the DHCP server & assign ip helper-address 223.8.151.18 on Fa0, the host gets a DHCP and DNS address automatically from the Win2k3 server scope that I setup.

When working with inter-VLAN routing, are there any additional commands required in order to use a DHCP server on a different subnet and where do you place them?

sprkymrk

You did enable ip-helper address for each vlan, so any client in any vlan should get an IP address from your DHCP server. Did you create multiple scopes on your DHCP server? Each vlan should have it's own scope.

malcybood

sprkymrk wrote:

You did enable ip-helper address for each vlan, so any client in any vlan should get an IP address from your DHCP server. Did you create multiple scopes on your DHCP server? Each vlan should have it's own scope.

So in theory what I done was correct?

It was quite late and I'd been studying for a while so maybe I mis-matched the scopes to VLANs or something.

Another thing is I didn't reboot the host should this make any difference? I just done an ipconfig /release then a /renew but it just timed out and gave me a 169.254.*.* address

So just to get this right before I go try it again, all I should need to do is add the ip helper command into the sub interfaces of my router and ensure the scopes are setup on the Windows server? I did setup the scope but I'll maybe check them.....

Also do I need to specify a "router" on the Win2k3 scope side? I seen the option for that but wasn't sure.....

Was just wierd that it worked when I use the FA0 interface with no VLAN's

georgemc

malcybood wrote:

I've setup intervlan routing on my home lab successfully where I can ping/telnet between VLANs having set static IP addresses on my hosts.

I have assigned the following:

Vlan 1 - 223.8.151.0 /248 Fa0.1
Vlan 10 - 223.8.151.8 /248 Fa0.2 with one host
Vlan 20 - 223.8.151.16 /248 Fa0.3 Win 2k3 DHCP server 223.8.151.18 (static)

I have tried assing the ip helper-address 223.8.151.18 on int fa0.2, fa0.3 and Fa0 none of which seem to work.

Your DHCP server is connected to Fa0.3, you don't need (or want) an IP-HELPER on this subnet. Nor do you want IP-HELPER on fa0 (which should not have an ip address)

When I take the Vlan's out of the equation and set the interface up with no sub-if's and on the same subnet as the DHCP server & assign ip helper-address 223.8.151.18 on Fa0, the host gets a DHCP and DNS address automatically from the Win2k3 server scope that I setup.

It appears here that you're getting your DHCP information directly from the DHCP server. IPHELPER is only needed on the interfaces/subnets without a DHCP server.

When working with inter-VLAN routing, are there any additional commands required in order to use a DHCP server on a different subnet and where do you place them?

Refer to the message from Sprkymrk above concering the the setup of the proper (separate) scopes for each subnet.
Your scopes should cover the same subnet masks as the subnets they are servicing.

georgemc

Also do I need to specify a "router" on the Win2k3 scope side? I seen the option for that but wasn't sure.....

I would set it even though it's not required to get the initial DHCP address. You will need it in order for the host to communicate outside the subnet via unicast.

I'd guess that the DHCPREQUEST that's sent when your lease reaches 50% would not work. I'd have to test it out to be 100% sure.

malcybood

I'm guessing that it has to be a scope setup issue. I'll set the scopes up again on the server and let you know what I come back with

FYI the sub-interface config on the router is as follows and there is no config on int fa0 except it is up.

interface fa0.1
description admin VLAN 1
encapsulatioon dot1q native
ip address 223.8.151.1 255.255.255.248
no shut

interface fa0.2
description first dhcp scope (switchports 1 - 4)
encapsulatioon dot1q 10
ip address 223.8.151.9 255.255.255.248
ip helper-adress 223.8.151.18
no shut

interface fa0.2
description second dhcp scope (switchports 5 - 8 )
encapsulatioon dot1q 20
ip address 223.8.151.17 255.255.255.248
no shut

I had setup scopes through the wizard for the above ranges as below

223.8.151.9 - 14 /29 & excluded .9 on the scope as this is assigned to fa0.2
223.8.151.17 - 22 /29 & excluded .17 (fa0.3) & .18(windows server) on the scope

georgemc

Looks like it should work. Let us know how it goes when you reconfigure the scopes.

malcybood

Hey,

I double checked the scopes and done what you suggested and I thought I had done anyway but I'd obviously missed doing something....what? I don't know because I basically switched it all on and the clients picked a DHCP/DNS address....lack of sleep I think!

However..................

The next question when I switch the client from VLAN 10 to VLAN 20 (ports 1-4 and 5-8 respectively) they should automatically pick the ip address for that subnet/VLAN?

When I done this the machine that had picked .19 (plugged into port 8 which is how it should work) should have released and renewed for the next available address in the .9 - 14 range automatically? Is this something to do with the scope setup?

If I do an ipconfig/release /renew it fixes it but I would like this to be done automatically.

I see you can set it to obtain a lease for a certain amount of time, but I want it to recognise that it is on a different VLAN/subnet and pick the appropriate address up.

Any ideas?

Thanks for your help so far

Malc

georgemc

It is not automatic. If you just move the cable from one switch port to another, there is no mechanism in place for the client to recognize that it's on a different subnet. You need to renew/release or reboot the machine. Otherwise, you can wait until the lease expires (8 days by default), and then it should pull an address from the new subnet.

malcybood

georgemc wrote:

It is not automatic. If you just move the cable from one switch port to another, there is no mechanism in place for the client to recognize that it's on a different subnet. You need to renew/release or reboot the machine. Otherwise, you can wait until the lease expires (8 days by default), and then it should pull an address from the new subnet.

Nice one thanks George for all the advice......

I was thinking how the hell can I go to 3 different sites in a day when at work and not have to do a release/renew then, but I remembered I shut my laptop down when travelling and if I didn't power off and I was unable to get an ip address on site, the first thing I would probably try is an ipconfig /release then /renew

Thanks again