Options

Configure InterVLAN Routing on 3550 switch

eleguaelegua Member Posts: 282
in CCNA & CCENT
Hi Guys,

I upgraded from a 2950 to a 3550 my home network switch, before i was doing intervlan with a router and everything was working good, i created all vlan interfaces on the 3550 switch, assigned ports to each vlan and run "ip routing" cmd, in vlan 3 i have running DHCP on a windows server but after i changed from the 2950 to the 3550 all divices are not getting IP's from the DHCP server, do i need an extra configuration?. here is the 3550 switch config:
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname SW3550-GATEWAY
!
no logging console
no logging monitor
enable secret XXXXXXXXXXXXXX
!
username admin privilege 15 secret XXXXXXXXXXXXXX
no aaa new-model
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
no ip source-route
ip routing
no ip domain-lookup
ip domain-name HomeNetwork.com
!
vtp domain HOME-NETWORK
vtp mode transparent
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10   
 name ADMIN
!
vlan 20
 name SERVERS
!
vlan 30
 name USERS
!
vlan 40
 name WIRELESS
!
ip ssh authentication-retries 2
ip ssh logging events
ip ssh version 2
!
!
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
!         
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 20
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 40
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 40
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 40
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 40
 switchport mode access
 spanning-tree portfast
!         
interface GigabitEthernet0/1
 switchport mode dynamic desirable
 shutdown
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
 shutdown
!
interface Vlan1
 ip address 192.168.1.50 255.255.255.0
!
interface Vlan10
 ip address 192.168.2.1 255.255.255.0
!
interface Vlan20
 ip address 192.168.3.1 255.255.255.0
!
interface Vlan30
 ip address 192.168.4.1 255.255.255.0
!
interface Vlan40
 ip address 192.168.5.1 255.255.255.0
!         
ip classless
no ip http server
no ip http secure-server
!
!
access-list 1 permit 192.168.2.4
access-list 1 deny   any log
no cdp run
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 password XXXXXXXXXXXXXX
 logging synchronous
 login
line vty 0 4
 access-class 1 in
 exec-timeout 30 0
 privilege level 15
 logging synchronous
 login local
 transport input ssh
line vty 5 15
 access-class 1 in
 exec-timeout 30 0
 privilege level 15
 logging synchronous
 login local
 transport input ssh
!
end

SW3550-GATEWAY#

SW3550-GATEWAY#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Gi0/1, Gi0/2
10   ADMIN                            active    Fa0/2, Fa0/3, Fa0/4, Fa0/5
20   SERVERS                          active    Fa0/6, Fa0/7, Fa0/8
30   USERS                            active    Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
40   WIRELESS                         active    Fa0/21, Fa0/22, Fa0/23, Fa0/24
1002 fddi-default                     act/unsup 
1003 trcrf-default                    act/unsup 
1004 fddinet-default                  act/unsup 
1005 trbrf-default                    act/unsup 

SW3550-GATEWAY#

Here is my router interface that is connected to port 1 on the switch:
interface FastEthernet0/0
 description "Private LAN"
 ip address 192.168.1.1 255.255.255.0
 ip tcp adjust-mss 1452
 ip access-group LAN in
 ip nat inside
 ip virtual-reassembly
 no cdp enable

Is this configuration correct or do i need something else?, why DHCP server can't lease ip addresses to the hosts?.

Thanks in advance. icon_wink.gif
· Share on FacebookShare on Twitter

Comments

  • Options
    scheistermeisterscheistermeister Member Posts: 748 ■□□□□□□□□□
    If the DHCP server is in another vlan yes. I think it was ip dhcp helper-address or something similar. Give me a minute and I will look it up.

    Edit: Found it. It was just ip helper addess

    A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents receive DHCP messages and then generate a new DHCP message to send out on another interface. The agents forward requests and replies between clients and servers when they are not on the same physical subnet.

    The Cisco IOS DHCP relay agent is enabled on an interface only when the ip helper-address is configured.

    DHCP clients use UDP broadcasts to send their initial DHCPDISCOVER message, because they do not have information about the network to which they are attached.

    If the client is on a network that does not include a server, UDP broadcasts are normally not forwarded by the attached router.

    The ip helper-address command causes the UDP broadcast to be changed to a unicast and forwarded out another interface to a unicast IP address specified by the command.

    The relay agent sets the gateway address (giaddr field of the DHCP packet) and, if configured, adds the relay agent information option (option 82) in the packet and forwards it to the DHCP server. The reply from the server is forwarded back to the client after removing option 82.
    Give a man fire and he'll be warm for a day. Set a man on fire and he'll be warm for the rest of his life.
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    Hi,

    I found this: 
    Configure the interface to the default router. In this scenario you have a Layer 3 FastEthernet port.

Switch(config)#interface FastEthernet 0/1
Switch(config-if)#no switchport
Switch(config-if)#ip address 192.168.1.50 255.255.255.0
Switch(config-if)#no shutdown
The no switchport command makes the interface Layer 3 capable. The IP address is in the same subnet as the default router. 

Note: This step can be omitted if the switch reaches the default router through a VLAN. In its place, configure an IP address for that VLAN interface.

    and this: 
    Configure the default route for the switch. 

Switch(config)#ip route 0.0.0.0 0.0.0.0 XX.XX.XX.XX

    XX.XX.XX.XX in my case should be 192.168.1.1 right?.

    Is this part what i'm missing in the switch configuration?

    Thanks in advance. icon_wink.gificon_wink.gif
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    scheistermeister wrote:
    If the DHCP server is in another vlan yes. I think it was ip dhcp helper-address or something similar. Give me a minute and I will look it up.

    Edit: Found it. It was just ip helper addess

    A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents receive DHCP messages and then generate a new DHCP message to send out on another interface. The agents forward requests and replies between clients and servers when they are not on the same physical subnet.

    The Cisco IOS DHCP relay agent is enabled on an interface only when the ip helper-address is configured.

    DHCP clients use UDP broadcasts to send their initial DHCPDISCOVER message, because they do not have information about the network to which they are attached.

    If the client is on a network that does not include a server, UDP broadcasts are normally not forwarded by the attached router.

    The ip helper-address command causes the UDP broadcast to be changed to a unicast and forwarded out another interface to a unicast IP address specified by the command.

    The relay agent sets the gateway address (giaddr field of the DHCP packet) and, if configured, adds the relay agent information option (option 82) in the packet and forwards it to the DHCP server. The reply from the server is forwarded back to the client after removing option 82.

    Hi,

    Yeah, i was using ip helper-address cmd before under each vlan on the router pointing to the DHCP vlan and it worked very good but now i don't know where to use it.

    Thanks in advance. icon_wink.gificon_wink.gif
    · Share on FacebookShare on Twitter
  • Options
    scheistermeisterscheistermeister Member Posts: 748 ■□□□□□□□□□
    ip route 0.0.0.0 0.0.0.0 XX.XX.XX.XX

    That is for making a route out of your network. In inter-vlan routing on the same L3 switch you do not need and static routes or dynamic routing protocols because everything is already in the routing table from being directly corrected. If the dhcp server is in a different vlan than your devices you will have to use the ip helper addess command on the interface where the interface where the hosts are connected. the syntax would be

    ip helper address (address of the interface that the dhcp server is hooked into)
    Give a man fire and he'll be warm for a day. Set a man on fire and he'll be warm for the rest of his life.
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    Hi,

    Oh i see the cmd ip helper-address under each vlan on the 3550 switch, do i have to use it in all the vlans except in Vlan 3 (DHCP VLAN) and vlan 1 right?

    Thanks in advance. icon_wink.gificon_wink.gif
    · Share on FacebookShare on Twitter
  • Options
    scheistermeisterscheistermeister Member Posts: 748 ■□□□□□□□□□
    Also sorta have to ask... Is this just a home deal or are you studying this stuff for your CCNA? Because this question is from BSCI and I see you have portfast which is BCMSN stuff.
    Give a man fire and he'll be warm for a day. Set a man on fire and he'll be warm for the rest of his life.
    · Share on FacebookShare on Twitter
  • Options
    scheistermeisterscheistermeister Member Posts: 748 ■□□□□□□□□□
    elegua wrote:
    Hi,

    Oh i see the cmd ip helper-address under each vlan on the 3550 switch, do i have to use it in all the vlans except in Vlan 3 (DHCP VLAN)?

    Thanks in advance. icon_wink.gificon_wink.gif

    The vlans that have hosts that are looking for DHCP information. You do not need it on the server's side since it replys with unicast messages.
    Give a man fire and he'll be warm for a day. Set a man on fire and he'll be warm for the rest of his life.
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    scheistermeister wrote:
    Also sorta have to ask... Is this just a home deal or are you studying this stuff for your CCNA? Because this question is from BSCI and I see you have portfast which is BCMSN stuff.

    Hi,

    No, this is for my home network, what i'm trying to do is taking out all the services that i was running on my router, before i had firewall, dhcp and inter-vlan, now i have a dedicated DHCP server and upgraded the 2950 to a 3550 to do all the inter-vlan routing, i have MLPPP at home and i need the router only for that.

    I'll try all this and let you know later.

    Thanks in advance. icon_wink.gificon_wink.gif
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    scheistermeister wrote:
    elegua wrote:
    Hi,

    Oh i see the cmd ip helper-address under each vlan on the 3550 switch, do i have to use it in all the vlans except in Vlan 3 (DHCP VLAN)?

    Thanks in advance. icon_wink.gificon_wink.gif

    The vlans that have hosts that are looking for DHCP information. You do not need it on the server's side since it replys with unicast messages.

    Got it, I'll try and replay back later.

    thanks. icon_wink.gificon_wink.gif
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    Hi,

    Reading a BCMSN Portable Cmd Guide i found a very similar setup that i have and in the book Scott used EIGRP between the L3 switch and the router so i used OSPF and now everyhing is working good, i'm not sure if i can do this without routing protocol and i would like to know it, i don't want to run any routing protocol on the router, also i added the ip helper-address cmd and all hosts are getting an ip from the DHCP server.

    Any tips will be appreciate.

    Thanks in advance. icon_wink.gificon_wink.gif
    · Share on FacebookShare on Twitter
  • Options
    scheistermeisterscheistermeister Member Posts: 748 ■□□□□□□□□□
    If everything is hooked up the way I am thinking it is (3550 with 1 DHCP server and some hosts all plugged into the same switch) you do not need a routing protocol running for your clients to be able to get DHCP info from the server.

    Would you post up the output of sh ip ro?
    Give a man fire and he'll be warm for a day. Set a man on fire and he'll be warm for the rest of his life.
    · Share on FacebookShare on Twitter
  • Options
    eleguaelegua Member Posts: 282
    scheistermeister wrote:
    If everything is hooked up the way I am thinking it is (3550 with 1 DHCP server and some hosts all plugged into the same switch) you do not need a routing protocol running for your clients to be able to get DHCP info from the server.

    Would you post up the output of sh ip ro?

    Hi,

    DHCP worked without OSPF, after added ip helper cmd everything was good, i used OSPF because the hosts don't have internet, after added OSPF all hosts have internet.

    Thanks. icon_wink.gif
    · Share on FacebookShare on Twitter
Sign In or Register to comment.