How to configure VLAN correctly?

needforspeed

Hi!
If I configure the 2960-24TT two switches like this:

S1(config):interface vlan 10
S1(config-if):ip address 192.168.10.1 255.255.255.0
S1(config):interface vlan 20
S1(config-if):ip address 192.168.20.1 255.255.255.0
S1(config):interface vlan 77
S1(config-if):ip address 192.168.77.1 255.255.255.0
S1(config):interface vlan 88
S1(config-if):ip address 192.168.88.1 255.255.255.0

S2(config):interface vlan 10
S2(config-if):ip address 192.168.10.2 255.255.255.0
S2(config):interface vlan 20
S2(config-if):ip address 192.168.20.2 255.255.255.0
S2(config):interface vlan 77
S2(config-if):ip address 192.168.77.2 255.255.255.0
S2(config):interface vlan 88
S2(config-if):ip address 192.168.88.2 255.255.255.0


Students VLAN 10 192.168.10.0/24
Staff VLAN 20 192.168.20.0/24
Wireless VLAN 77 192.168.77.0/24
Voice VLAN 88 192.168.88.0/24

Am I doing this completely wrong?
How do I configure DHCP pools for Students, Staff, Wireless and Voice? I guess this is done on the router? Thanks

rogue2shadow

Cisco IOS IP Configuration Guide, Release 12.2 - Configuring DHCP - Cisco Systems

CodeBlox

The management VLAN gets the IP address. I think only one of those will be up though.

needforspeed

How do I remove an ip dhcp pool? Also if I don't know the default-router ip do I have to add it?

AD227529

You would create the vlan's with the command vlan and then the vlan number. Then you name them. For example, to create vlan 10 the command is VLAN 10 and then the command Name Students. As CodeBlox said, you don't need IP addresses except for the management VLAN's, so you can telnet or ssh to the switch from each VLAN (subnet). Once you have the VLAN's created on your switch, just move the interfaces on your switch to the VLAN's you want them in.

CodeBlox

needforspeed wrote: »

How do I remove an ip dhcp pool? Also if I don't know the default-router ip do I have to add it?

no ip dhcp pool [pool_name]

And you'll want to know the default-gateway if you plan to route to other networks outside of the LAN. The DHCP clients wont have a default-gateway configured if you don't do this. You'd have to statically type it in.


Students VLAN 10 192.168.10.0/24

For say, the students vlan, you could do this on the router or switch for the DHCP pool:

ip dhcp pool Students
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1 
!
!optional 
dns-server 192.168.10.2
!

Do know that you will not have any inter-vlan communication without the services of layer 3. In your case, likely router on a stick using sub-interfaces. Now each of THOSE get IP Addresses.

needforspeed

This is what Im trying to do:

Configure DHCP Pools named Students, Staff, Wireless and Voice for VLAN 10, 20, 77 and 88 respectively.
Populate each pool with the correct addresses for the VLANS; ensure that hosts connected to the switch port can obtain IP address information from the router.

capitanuionut

needforspeed wrote: »

Hi!
If I configure the 2960-24TT two switches like this:

S1(config):interface vlan 10
S1(config-if):ip address 192.168.10.1 255.255.255.0
S1(config):interface vlan 20
S1(config-if):ip address 192.168.20.1 255.255.255.0
S1(config):interface vlan 77
S1(config-if):ip address 192.168.77.1 255.255.255.0
S1(config):interface vlan 88
S1(config-if):ip address 192.168.88.1 255.255.255.0

S2(config):interface vlan 10
S2(config-if):ip address 192.168.10.2 255.255.255.0
S2(config):interface vlan 20
S2(config-if):ip address 192.168.20.2 255.255.255.0
S2(config):interface vlan 77
S2(config-if):ip address 192.168.77.2 255.255.255.0
S2(config):interface vlan 88
S2(config-if):ip address 192.168.88.2 255.255.255.0


Students VLAN 10 192.168.10.0/24
Staff VLAN 20 192.168.20.0/24
Wireless VLAN 77 192.168.77.0/24
Voice VLAN 88 192.168.88.0/24

Am I doing this completely wrong?
How do I configure DHCP pools for Students, Staff, Wireless and Voice? I guess this is done on the router? Thanks

I dont think i get what are you exactly saying...but VLANS means Layer 2...so no dhcp,ip needed...

CodeBlox

Could you post a running-config for the dhcp server(in the case of packet tracer, the router) and the switch?

MrRyte

needforspeed; can you post your router config as well?

billyr

The switch you are using is a layer 2 device it has no routing capabilities to allow your Vlans to talk between each other your going to need to do router on a stick here.

On the switch, first create your vlans -

vlan 10
name students
vlan 20
name Staff
vlan 77
name Wireless
Vlan 88
name Voice

then assign the switchports you need to the relevent Vlans.
e.g
int f0/1
switchport access vlan 10
switchport mode access

int range f0/2 - 5
switchport access vlan 20
switchport mode access

once you have assigned your ports to the relevant VLANS you'll want to make one of your switchports a trunk port, this will be the port that will connect to your router.

e.g
int f0/24
switchport mode trunk

The intervlan routing takes place on the router.

e.g

int f0/0
no shut
int f0/0.1
encaps dot1q 1 native
ip add 192.168.1. 254 255.255.255.0
int f0/0.10
encaps dot1q 10
ip add 192.168.10.254 255.255.255.0
int f0/0.20
encaps dot1q 20
ip add 192.168.20.254 255.255.255.0
int f0/0.77
encaps dot1q 77
ip add 192.168.77.254 255.255.255.0
int f0/0.88
encaps dot1q 88
ip add 192.168.88.254 255.255.255.0

This will take care of the routing between the vlans. As far as the DHCP pools go, you will need a seperate pool for each of your vlans:

ip dhcp pool students
network 192.168.10.0 /24 (yes you can use the slash notation)
default-router 192.168.10.254


ip dhcp pool staff
network 192.168.20.0 /24
default-router 192.168.20.254

continue for each vlan.

you can also add extra info like your domain name, DNS server address and alter lease times. Probably best as well to add some exclusions stopping any of your statically assigned i.p addresses being issued.

e.g
dhcp excluded-address 192.168.10.254 192.168.10.254

CodeBlox

*sigh* - That was likely his homework, and you just did it for him.

needforspeed

I think I was not meant to add ip addresses for VLAN. The other thing I don't understand is what the VLAN voice is for. Theres nothing that shows what the VLAN voice is.

CodeBlox

Those switches do get IP addresses, and as I said earlier, would be the management VLAN and in this case, your switches VLAN 99 would get the IP address.

needforspeed

CodeBlox wrote: »

Those switches do get IP addresses, and as I said earlier, would be the management VLAN and in this case, your switches VLAN 99 would get the IP address.

Thank you.

needforspeed

The link lights are dark green instead of the light green? It makes my laptop spin fast as well for some reason. Can I put any ip for the router?


Router

!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname ABC-Birmingham
!
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.20.1
ip dhcp excluded-address 192.168.77.1
ip dhcp excluded-address 192.168.88.1
!
ip dhcp pool Students
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
ip dhcp pool Staff
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
ip dhcp pool Wireless
network 192.168.77.0 255.255.255.0
default-router 192.168.77.1
ip dhcp pool Voice
network 192.168.88.0 255.255.255.0
default-router 192.168.88.1
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
!
router rip
!
ip classless
!
!
!
!
!
!
!
line con 0
password cisco
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
!
end


VTP server stp root
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname "BHAM Server1"
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
spanning-tree vlan 1 priority 4096
!
interface FastEthernet0/1
switchport access vlan 99
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
ip address 192.168.99.2 255.255.255.0
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
end


Switch 1
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname "BHAM Client1"
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
!
interface Vlan88
no ip address
!
interface Vlan99
ip address 192.168.99.3 255.255.255.0
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
end


Switch 2
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname "BHAM Client2"
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
switchport access vlan 77
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
!
interface Vlan77
no ip address
!
interface Vlan88
no ip address
!
interface Vlan99
ip address 192.168.99.4 255.255.255.0
!
!
line con 0
password cisco
login
!
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
end

Radiant9

...and slowing down your harddrive, I found in Packet Tracer that if you have several switches all doing Vlans and you set 1 as a VTP server and the rest as clients, the clients start bombarding your network with update messages or some such (don't recall what kind it was). If all switches are set to server mode in VTP, that problem goes away. Don't know if it's like that in the real world, but it is in packet tracer.

Radiant9

in less I am missing something, doesn't seem like you set up a trunk port on your S2 (BHAM-Client2 I believe).

needforspeed

Why is the interface FastEthernet0/1 access and trunk?

VTP server stp root
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname "BHAM Server1"
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
spanning-tree vlan 1 priority 4096
!
interface FastEthernet0/1
 switchport access vlan 99
 switchport mode trunk

phoeneous

needforspeed wrote: »

Why is the interface FastEthernet0/1 access and trunk?

VTP server stp root
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname "BHAM Server1"
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
spanning-tree vlan 1 priority 4096
!
interface FastEthernet0/1
 switchport access vlan 99
 switchport mode trunk

Have you read up on vlans at all?

needforspeed

What do the port numbers mean?

tomaifauchai

If i were you, i would read this

Introduction to Cisco VLANs | TechHead.co.uk