Questions

Single Win2003 DHCP server addressing to several Vlans

+
0 Votes
Locked

Single Win2003 DHCP server addressing to several Vlans

Net_Student
Hi.

I'm putting up a network, this network got mainly a switch topology.

To make the senario smaller I got a Win2003 AD, DNS and DHCP in one server connected to a Layer 2 switch, this switch in turn is connected to a Cisco 3560 switch at Layer 3.

Many companies doesn't have more than one DHCP server. However they do surely have more than one vlan who will need ip addresses.

So I want to put computers in different vlans and have DHCP assign ip addresses to them originating from the DHCP server.

Of course I could just as well make dhcp pools and servers on the L3 switch or a routher. However the point were to use a single server. I have tried a lot of configurations and searched a lot the last days for help, yet I don't see "this is how you do". The Dhcp server is working just fine having everything on the same vlan works and adresses are assigned. But it do not work when I add more scopes for other vlans. I tried with connecting the dhcp server to the L3 switch and assigning it to an ip address but it didn't work either.

If there's a way to share a Dhcp server over vlans or to configure the DHCP server against the L3 switch then do please let me know Asap.


Doing my Project and this part took to much time already. If I could have maby some kind of configuration mailed to me in a real senario it might help a lot as well.

DHCP Server
----|
L2 Switch
----|
---Core-----------
----|----------|
L2 Switch L2 Switch
-----|---------|
client Client

Small topology.

If anyone got the knowledge or something I'm doing isn't possible then do please let me know. Any help is welcome.
  • +
    0 Votes
    Churdoo

    This looks like an easy tutorial
    http://www.computerperformance.co.uk/w2k3/services/DHCP_Relay_Agent.htm

    Configure the multiple DHCP scopes on your W2K3 server and configure DHCP Relay Agent on the 3560

    +
    0 Votes
    Net_Student

    Thanks man. Did that, still having problems though. As long that the client is on vlan 1 it gets an address. I did however notice one of the 4 computers I'm using had succeded to got itself an address on the 192.168.1.1 scope. But I didn't pay much attention to that computer so I got no idea when it started to work and when it stopped.:S

    I got everything setup in vmare, server2003 got the ip addres 192.168.0.1 and a gateway to 192.168.0.2 which is the real connection on my laptop.

    The laptop do in turn got 192.168.0.2 with a gateway 192.168.0.1 etc simple.

    DNS, Dhcp was configured on the ip addres 192.168.0.1.

    All Ip helper-address in vlan 1,20,30 are aiming toward 192.168.0.1. I did as well try to aim the Ip helper-addres towards the scopes. No success.

    The scopes are
    192.168.0.1
    192.168.1.1
    192.168.2.1

    These are as well the dhcp router gateways on the DHCP scopes. Except for scope 192.168.1.1 which gateway is 192.168.0.1. I have been trying a lot of things.:P

    interface Vlan1
    ip address 192.168.0.5 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan10
    ip address 192.168.1.5 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted


    I got to say that it feels like I'm getting dumber for every minit, I tried everything I know then I try ever litle tip out there.:P

    And the DHCP relay. I added all the dhcp scopes router gateway + the ip address of the local connection 192.168.0.1. That should make it safe enough.

    +
    0 Votes
    CG IT

    you have to have intervlan routing and IP helper addressing helps but your layer 3 device must be able to "route" the traffic between vlans.

    +
    0 Votes
    Net_Student

    Was to hit ip routing and add a few nets into router ospf 1 process.:P

    interface Vlan1
    ip address 192.168.0.4 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan10
    ip address 192.168.1.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.2.1
    ip dhcp relay information trusted

    Of course with that address it seems to only pick up addresses from the secound scope, I inactivated the first one.


    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 192.168.1.0 0.0.0.255 area 0
    network 192.168.2.0 0.0.0.255 area 0
    !

    I connected the clients and DHCP server to the same switch the L3, 3560(to make it all easier). Thanks though, you surely meant something as well that I'm not thinking about.:P


    However you're right. I can't ping across vlans, well to host in the same obviously.

    Another problem is that whatever vlan I put the server on it seems to grab only ip addresses from the first possible scope.


    that I can't ping is strange though, trunking, router ospf enabled etc.

    +
    0 Votes
    Net_Student

    Layer 3:

    sh vlan b n
    ^
    % Invalid input detected at '^' marker.

    Core(config-router)#end
    Core#sh vlan
    08:02:05: %SYS-5-CONFIG_I: Configured from console by console n

    VLAN Name Status Ports
    ---- -------------------------------- --------- -------------------------------
    1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
    Fa0/9, Fa0/11, Fa0/12, Fa0/15
    Fa0/18, Fa0/19, Fa0/20, Fa0/23
    Fa0/24, Gi0/1, Gi0/2
    5 Server active
    10 Accounting active Fa0/13, Fa0/17, Fa0/22
    20 Marketing active Fa0/10, Fa0/14, Fa0/16, Fa0/21
    30 Engineering active
    1002 fddi-default act/unsup
    1003 token-ring-default act/unsup
    1004 fddinet-default act/unsup
    1005 trnet-default act/unsup

    VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1 enet 100001 1500 - - - - - 0 0
    5 enet 100005 1500 - - - - - 0 0
    10 enet 100010 1500 - - - - - 0 0
    20 enet 100020 1500 - - - - - 0 0
    30 enet 100030 1500 - - - - - 0 0
    --More--  
    VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1002 fddi 101002 1500 - - - - - 0 0
    1003 tr 101003 1500 - - - - - 0 0
    1004 fdnet 101004 1500 - - - ieee - 0 0
    1005 trnet 101005 1500 - - - ibm - 0 0

    Remote SPAN VLANs
    ------------------------------------------------------------------------------


    Primary Secondary Type Ports
    ------- --------- ----------------- ------------------------------------------

    Core#
    Core#sh run
    Building configuration...

    Current configuration : 2469 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Core
    !
    !
    no aaa new-model
    ip subnet-zero
    ip routing
    ip domain-name tech.priv.com
    ip dhcp relay information trust-all
    !
    ip dhcp-server 192.168.0.1
    !
    !
    !
    no file verify auto
    --More--  spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    !
    interface FastEthernet0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/5
    --More--   switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/6
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    !
    interface FastEthernet0/9
    !
    interface FastEthernet0/10
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/11
    !
    interface FastEthernet0/12
    !
    interface FastEthernet0/13
    switchport access vlan 10
    --More--  !
    interface FastEthernet0/14
    switchport access vlan 20
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/17
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    switchport access vlan 20
    switchport mode access
    --More--  !
    interface FastEthernet0/22
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    ip address 192.168.0.4 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan10
    ip address 192.168.1.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    --More--  interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 192.168.1.0 0.0.0.255 area 0
    network 192.168.2.0 0.0.0.255 area 0
    !
    ip default-gateway 192.168.0.1
    ip classless
    ip http server
    !
    !
    !
    control-plane
    !
    !
    line con 0
    line vty 5 15
    !
    --More--  end

    Core#end


    Layer 2:
    end
    Server_Farm01#sh run
    18:48:47: %SYS-5-CONFIG_I: Configured from console by console      sh vlan

    VLAN Name Status Ports
    ---- -------------------------------- --------- -------------------------------
    1 default active Fa0/3, Fa0/4, Fa0/6, Fa0/7
    Fa0/8, Fa0/9, Fa0/14, Fa0/15
    Fa0/16, Fa0/17, Fa0/18, Fa0/19
    Fa0/20, Fa0/21, Fa0/22, Fa0/23
    Fa0/24, Gi0/1, Gi0/2
    5 Server active
    10 Accounting active Fa0/5, Fa0/10, Fa0/11
    20 Marketing active Fa0/12, Fa0/13
    30 Engineering active
    1002 fddi-default act/unsup
    1003 token-ring-default act/unsup
    1004 fddinet-default act/unsup
    1005 trnet-default act/unsup

    VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1 enet 100001 1500 - - - - - 0 0
    5 enet 100005 1500 - - - - - 0 0
    10 enet 100010 1500 - - - - - 0 0
    20 enet 100020 1500 - - - - - 0 0
    --More--  
    Server_Farm01#sh run
    Building configuration...

    Current configuration : 1910 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Server_Farm01
    !
    !
    no aaa new-model
    ip subnet-zero
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    --More--  !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport mode trunk
    !
    interface FastEthernet0/3
    !
    interface FastEthernet0/4
    !
    interface FastEthernet0/5
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/6
    switchport mode access
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    !
    interface FastEthernet0/9
    --More--  !
    interface FastEthernet0/10
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/11
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/12
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/13
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/14
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    !
    --More--  interface FastEthernet0/17
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    !
    interface FastEthernet0/22
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    ip address 192.168.0.5 255.255.255.0
    ip helper-address 192.168.0.1
    --More--   ip dhcp relay information trusted
    no ip route-cache
    !
    interface Vlan10
    ip address 192.168.1.2 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    no ip route-cache
    !
    interface Vlan20
    ip address 192.168.2.2 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    no ip route-cache
    !
    ip default-gateway 192.168.1.1
    ip http server
    !
    control-plane
    !
    !
    line con 0
    line vty 5 15
    --More--  !
    end

    Server_Farm01#


    Yes some configurations part are messy and half. However what here makes me not able to ping across the vlans?

    I can mail pictures for the dhcp server.

    All the Dhcp scopes:
    192.168.0.1
    192.168.1.1
    192.168.2.1

    Everyone got their default router with .1 in the end.

    Everyone got same DNS address which is 192.168.0.1.

    A problem is that whenever a computer connects it seems to take an ip from the first available scope. From the start it didn't.

    When you don't fully know something then you always end up making it worse. And this text do not tell me that much:

    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B
    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B
    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B
    08:29:35: DHCP: XID did NOT MATCH in dhcpc_for_us()
    08:29:35: DHCP: XID did NOT MATCH in dhcpc_for_us()
    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B


    Nightmare senario, sat to much with this so it might surely be a simple misstake. If one thing doesn't work then I try another, the best way would be to start over and redo. Though since I didn't succed the first time then it would be great to recive tips etc for the secound.

    I can configure cisco routers, was a while ago since I configured switches. I can make a subinterface on a router and out vlans, something from my memory is missing for L3 and L2 switches though. So I'm greatful for any help I get.

    +
    0 Votes
    Churdoo

    You said the default gateway on your Winders Server is 102.168.0.2 which you described as the "real connection on your laptop."

    So your Windows server can not route to the 192.168.1.0/24 and 192.168.2.0/24 networks unless you tell it to, presumably with a ROUTE ADD -P command, or by installing RRAS. Otherwise your Server will be sending this traffic to its default gateway, your laptop, which probably doesn't know what to do with this traffic. This could be part of your DHCP Relay problem.

    Do yourself a favor, Net_Student ... get everything in your stage network on the separate VLANs, set up with static IP and able to route/ping each other, THEN work on the DHCP RELAY problem.

    +
    0 Votes
    CG IT

    setup first and have intervlan routing working before trying to have hosts on different VLANs obtain addresses from a DHCP server. The reason being is that once intervlan routing works, clients can get addresses via DHCP relay agent.

    Note: intervlan routing requires a router. you can't do intervlan routing without a router [layer 3 device].

    If your vlans have subinterfaces on your ethernet interface on your router, then the router can route between the vlans.

    example:
    config t
    int fo0/1.1
    encapsulation dot1q 1
    ip address 192.168.1.16 255.255.255.0
    int fo 0/2.10
    encapsulation dot1q 2
    ip address 192.168.1.32 255.255.255.0
    no shut
    ctl+Z

    the default gateway is the ip address assigned to the routers subinterface in each vlan.

    the dot1q "1" where the "1" and "2" signifies the vlan #

    added for reference:

    the router is connected to the switch by subinterfaces. The switchport connecting to the router is a trunk port. clients connect to an access port on the switch, NOT trunk ports.

    added more:

    I noticed from your config file that you don't specify vlans on the subinterfaces. Also, you've got a lot of trunk ports assigned when you really only need 1 port designated as a trunk port which connects to the router's ethernet port [unless your also trunking between switches].

    see reference above about access ports and trunk ports on the switch.

    +
    0 Votes
    Net_Student

    Ah thanks, however I'm a bit smarter than that. Though you get dumb when you sit to much with cisco.

    I had an working conifiguration several times over and I never understand why it didn't work for me when it did for others.

    So I installed Win2003 server on a laptop and everthing went fine. It was very easy to configure the dhcp server and as well like the ip helper command. The only problem was that I belived everything were fine since one vlan/scope always worked without any problem.


    Yes there's a lot of trunks ports, pinging within Vlans always worked. Pinging over vlans worked this time when I reconfigured everything, don't rely know what went wrong.

    The topology I had were big so I had things pre-configured, each switch had two trunks. The access ports were however randomly created here and there untill things got working.

    I have been sitting with this for a very long time, and the problem ended up being that I ran it in vmware, never been good with vmware either.

    Here's the working configs(everything not listed as shutdown.

    Core#sh vlan

    VLAN Name Status Ports
    ---- -------------------------------- --------- -------------------------------
    1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
    Fa0/7, Fa0/8, Fa0/9, Fa0/10
    Fa0/11, Fa0/13, Fa0/14, Fa0/15
    Fa0/16, Fa0/17, Fa0/18, Fa0/19
    Fa0/20, Fa0/21, Fa0/22, Fa0/23
    Fa0/24, Gi0/1, Gi0/2
    5 Server/Management active Fa0/12
    10 Accounting active
    20 Marketing active
    30 Engineering active

    hostname Core


    no aaa new-model
    ip subnet-zero
    ip routing


    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id

    vlan internal allocation policy ascending


    interface FastEthernet0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/4
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/5
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/6
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/12
    switchport access vlan 5
    switchport mode access
    description DHCP_AD_DNS_Server
    interface Vlan1
    no ip address
    shutdown

    interface Vlan5
    ip address 192.168.1.2 255.255.255.0

    interface Vlan10
    ip address 192.168.0.1 255.255.255.0
    ip helper-address 192.168.1.1

    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.1.1

    interface Vlan30
    ip address 192.168.3.1 255.255.255.0
    ip helper-address 192.168.1.1

    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 192.168.1.0 0.0.0.255 area 0
    network 192.168.2.0 0.0.0.255 area 0
    network 192.168.3.0 0.0.0.255 area 0

    ip classless
    ip http server


    line con 0
    password Password123 <-Win2k3 demanded a strong pass so used it everywhere.:P
    login

    line vty 5 15
    password Password123
    login

    One of the Office Switches:


    hostname Office_B01L01


    interface FastEthernet0/1
    switchport mode trunk

    interface FastEthernet0/2
    switchport mode trunk

    interface FastEthernet0/3
    switchport access vlan 10
    switchport mode trunk

    interface FastEthernet0/4
    switchport access vlan 10
    switchport mode trunk

    interface FastEthernet0/5
    switchport access vlan 10
    switchport mode access

    <---blabla-->

    interface FastEthernet0/24
    switchport access vlan 30

    interface Vlan1
    no ip address
    no ip route-cache

    interface Vlan5
    ip address 192.168.1.6 255.255.255.0
    no ip route-cache

    interface Vlan10
    no ip address
    no ip route-cache

    interface Vlan20
    no ip address
    no ip route-cache

    interface Vlan30
    no ip address
    no ip route-cache

    line con 0
    password Password123
    login
    line vty 0 4
    password Password123
    login
    line vty 5 15
    password Password123
    login


    I ended up not needing to install the DHCP relay Agent in Win2k3 though. Worked fine without it.

    Thanks for all the Help though, atleast I got to try something else rather than getting stuck on the same problem all the time. To much Cisco makes you dumb.:P

  • +
    0 Votes
    Churdoo

    This looks like an easy tutorial
    http://www.computerperformance.co.uk/w2k3/services/DHCP_Relay_Agent.htm

    Configure the multiple DHCP scopes on your W2K3 server and configure DHCP Relay Agent on the 3560

    +
    0 Votes
    Net_Student

    Thanks man. Did that, still having problems though. As long that the client is on vlan 1 it gets an address. I did however notice one of the 4 computers I'm using had succeded to got itself an address on the 192.168.1.1 scope. But I didn't pay much attention to that computer so I got no idea when it started to work and when it stopped.:S

    I got everything setup in vmare, server2003 got the ip addres 192.168.0.1 and a gateway to 192.168.0.2 which is the real connection on my laptop.

    The laptop do in turn got 192.168.0.2 with a gateway 192.168.0.1 etc simple.

    DNS, Dhcp was configured on the ip addres 192.168.0.1.

    All Ip helper-address in vlan 1,20,30 are aiming toward 192.168.0.1. I did as well try to aim the Ip helper-addres towards the scopes. No success.

    The scopes are
    192.168.0.1
    192.168.1.1
    192.168.2.1

    These are as well the dhcp router gateways on the DHCP scopes. Except for scope 192.168.1.1 which gateway is 192.168.0.1. I have been trying a lot of things.:P

    interface Vlan1
    ip address 192.168.0.5 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan10
    ip address 192.168.1.5 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted


    I got to say that it feels like I'm getting dumber for every minit, I tried everything I know then I try ever litle tip out there.:P

    And the DHCP relay. I added all the dhcp scopes router gateway + the ip address of the local connection 192.168.0.1. That should make it safe enough.

    +
    0 Votes
    CG IT

    you have to have intervlan routing and IP helper addressing helps but your layer 3 device must be able to "route" the traffic between vlans.

    +
    0 Votes
    Net_Student

    Was to hit ip routing and add a few nets into router ospf 1 process.:P

    interface Vlan1
    ip address 192.168.0.4 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan10
    ip address 192.168.1.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.2.1
    ip dhcp relay information trusted

    Of course with that address it seems to only pick up addresses from the secound scope, I inactivated the first one.


    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 192.168.1.0 0.0.0.255 area 0
    network 192.168.2.0 0.0.0.255 area 0
    !

    I connected the clients and DHCP server to the same switch the L3, 3560(to make it all easier). Thanks though, you surely meant something as well that I'm not thinking about.:P


    However you're right. I can't ping across vlans, well to host in the same obviously.

    Another problem is that whatever vlan I put the server on it seems to grab only ip addresses from the first possible scope.


    that I can't ping is strange though, trunking, router ospf enabled etc.

    +
    0 Votes
    Net_Student

    Layer 3:

    sh vlan b n
    ^
    % Invalid input detected at '^' marker.

    Core(config-router)#end
    Core#sh vlan
    08:02:05: %SYS-5-CONFIG_I: Configured from console by console n

    VLAN Name Status Ports
    ---- -------------------------------- --------- -------------------------------
    1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
    Fa0/9, Fa0/11, Fa0/12, Fa0/15
    Fa0/18, Fa0/19, Fa0/20, Fa0/23
    Fa0/24, Gi0/1, Gi0/2
    5 Server active
    10 Accounting active Fa0/13, Fa0/17, Fa0/22
    20 Marketing active Fa0/10, Fa0/14, Fa0/16, Fa0/21
    30 Engineering active
    1002 fddi-default act/unsup
    1003 token-ring-default act/unsup
    1004 fddinet-default act/unsup
    1005 trnet-default act/unsup

    VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1 enet 100001 1500 - - - - - 0 0
    5 enet 100005 1500 - - - - - 0 0
    10 enet 100010 1500 - - - - - 0 0
    20 enet 100020 1500 - - - - - 0 0
    30 enet 100030 1500 - - - - - 0 0
    --More--  
    VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1002 fddi 101002 1500 - - - - - 0 0
    1003 tr 101003 1500 - - - - - 0 0
    1004 fdnet 101004 1500 - - - ieee - 0 0
    1005 trnet 101005 1500 - - - ibm - 0 0

    Remote SPAN VLANs
    ------------------------------------------------------------------------------


    Primary Secondary Type Ports
    ------- --------- ----------------- ------------------------------------------

    Core#
    Core#sh run
    Building configuration...

    Current configuration : 2469 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Core
    !
    !
    no aaa new-model
    ip subnet-zero
    ip routing
    ip domain-name tech.priv.com
    ip dhcp relay information trust-all
    !
    ip dhcp-server 192.168.0.1
    !
    !
    !
    no file verify auto
    --More--  spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    !
    interface FastEthernet0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/5
    --More--   switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/6
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    !
    interface FastEthernet0/9
    !
    interface FastEthernet0/10
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/11
    !
    interface FastEthernet0/12
    !
    interface FastEthernet0/13
    switchport access vlan 10
    --More--  !
    interface FastEthernet0/14
    switchport access vlan 20
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/17
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    switchport access vlan 20
    switchport mode access
    --More--  !
    interface FastEthernet0/22
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    ip address 192.168.0.4 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    interface Vlan10
    ip address 192.168.1.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    --More--  interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    !
    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 192.168.1.0 0.0.0.255 area 0
    network 192.168.2.0 0.0.0.255 area 0
    !
    ip default-gateway 192.168.0.1
    ip classless
    ip http server
    !
    !
    !
    control-plane
    !
    !
    line con 0
    line vty 5 15
    !
    --More--  end

    Core#end


    Layer 2:
    end
    Server_Farm01#sh run
    18:48:47: %SYS-5-CONFIG_I: Configured from console by console      sh vlan

    VLAN Name Status Ports
    ---- -------------------------------- --------- -------------------------------
    1 default active Fa0/3, Fa0/4, Fa0/6, Fa0/7
    Fa0/8, Fa0/9, Fa0/14, Fa0/15
    Fa0/16, Fa0/17, Fa0/18, Fa0/19
    Fa0/20, Fa0/21, Fa0/22, Fa0/23
    Fa0/24, Gi0/1, Gi0/2
    5 Server active
    10 Accounting active Fa0/5, Fa0/10, Fa0/11
    20 Marketing active Fa0/12, Fa0/13
    30 Engineering active
    1002 fddi-default act/unsup
    1003 token-ring-default act/unsup
    1004 fddinet-default act/unsup
    1005 trnet-default act/unsup

    VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1 enet 100001 1500 - - - - - 0 0
    5 enet 100005 1500 - - - - - 0 0
    10 enet 100010 1500 - - - - - 0 0
    20 enet 100020 1500 - - - - - 0 0
    --More--  
    Server_Farm01#sh run
    Building configuration...

    Current configuration : 1910 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Server_Farm01
    !
    !
    no aaa new-model
    ip subnet-zero
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    --More--  !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport mode trunk
    !
    interface FastEthernet0/3
    !
    interface FastEthernet0/4
    !
    interface FastEthernet0/5
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/6
    switchport mode access
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    !
    interface FastEthernet0/9
    --More--  !
    interface FastEthernet0/10
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/11
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/12
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/13
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/14
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    !
    --More--  interface FastEthernet0/17
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    !
    interface FastEthernet0/22
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    ip address 192.168.0.5 255.255.255.0
    ip helper-address 192.168.0.1
    --More--   ip dhcp relay information trusted
    no ip route-cache
    !
    interface Vlan10
    ip address 192.168.1.2 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    no ip route-cache
    !
    interface Vlan20
    ip address 192.168.2.2 255.255.255.0
    ip helper-address 192.168.0.1
    ip dhcp relay information trusted
    no ip route-cache
    !
    ip default-gateway 192.168.1.1
    ip http server
    !
    control-plane
    !
    !
    line con 0
    line vty 5 15
    --More--  !
    end

    Server_Farm01#


    Yes some configurations part are messy and half. However what here makes me not able to ping across the vlans?

    I can mail pictures for the dhcp server.

    All the Dhcp scopes:
    192.168.0.1
    192.168.1.1
    192.168.2.1

    Everyone got their default router with .1 in the end.

    Everyone got same DNS address which is 192.168.0.1.

    A problem is that whenever a computer connects it seems to take an ip from the first available scope. From the start it didn't.

    When you don't fully know something then you always end up making it worse. And this text do not tell me that much:

    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B
    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B
    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B
    08:29:35: DHCP: XID did NOT MATCH in dhcpc_for_us()
    08:29:35: DHCP: XID did NOT MATCH in dhcpc_for_us()
    08:29:35: DHCP: Received a BOOTREP pkt Not for us..: xid: 0xCDCEA64B


    Nightmare senario, sat to much with this so it might surely be a simple misstake. If one thing doesn't work then I try another, the best way would be to start over and redo. Though since I didn't succed the first time then it would be great to recive tips etc for the secound.

    I can configure cisco routers, was a while ago since I configured switches. I can make a subinterface on a router and out vlans, something from my memory is missing for L3 and L2 switches though. So I'm greatful for any help I get.

    +
    0 Votes
    Churdoo

    You said the default gateway on your Winders Server is 102.168.0.2 which you described as the "real connection on your laptop."

    So your Windows server can not route to the 192.168.1.0/24 and 192.168.2.0/24 networks unless you tell it to, presumably with a ROUTE ADD -P command, or by installing RRAS. Otherwise your Server will be sending this traffic to its default gateway, your laptop, which probably doesn't know what to do with this traffic. This could be part of your DHCP Relay problem.

    Do yourself a favor, Net_Student ... get everything in your stage network on the separate VLANs, set up with static IP and able to route/ping each other, THEN work on the DHCP RELAY problem.

    +
    0 Votes
    CG IT

    setup first and have intervlan routing working before trying to have hosts on different VLANs obtain addresses from a DHCP server. The reason being is that once intervlan routing works, clients can get addresses via DHCP relay agent.

    Note: intervlan routing requires a router. you can't do intervlan routing without a router [layer 3 device].

    If your vlans have subinterfaces on your ethernet interface on your router, then the router can route between the vlans.

    example:
    config t
    int fo0/1.1
    encapsulation dot1q 1
    ip address 192.168.1.16 255.255.255.0
    int fo 0/2.10
    encapsulation dot1q 2
    ip address 192.168.1.32 255.255.255.0
    no shut
    ctl+Z

    the default gateway is the ip address assigned to the routers subinterface in each vlan.

    the dot1q "1" where the "1" and "2" signifies the vlan #

    added for reference:

    the router is connected to the switch by subinterfaces. The switchport connecting to the router is a trunk port. clients connect to an access port on the switch, NOT trunk ports.

    added more:

    I noticed from your config file that you don't specify vlans on the subinterfaces. Also, you've got a lot of trunk ports assigned when you really only need 1 port designated as a trunk port which connects to the router's ethernet port [unless your also trunking between switches].

    see reference above about access ports and trunk ports on the switch.

    +
    0 Votes
    Net_Student

    Ah thanks, however I'm a bit smarter than that. Though you get dumb when you sit to much with cisco.

    I had an working conifiguration several times over and I never understand why it didn't work for me when it did for others.

    So I installed Win2003 server on a laptop and everthing went fine. It was very easy to configure the dhcp server and as well like the ip helper command. The only problem was that I belived everything were fine since one vlan/scope always worked without any problem.


    Yes there's a lot of trunks ports, pinging within Vlans always worked. Pinging over vlans worked this time when I reconfigured everything, don't rely know what went wrong.

    The topology I had were big so I had things pre-configured, each switch had two trunks. The access ports were however randomly created here and there untill things got working.

    I have been sitting with this for a very long time, and the problem ended up being that I ran it in vmware, never been good with vmware either.

    Here's the working configs(everything not listed as shutdown.

    Core#sh vlan

    VLAN Name Status Ports
    ---- -------------------------------- --------- -------------------------------
    1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
    Fa0/7, Fa0/8, Fa0/9, Fa0/10
    Fa0/11, Fa0/13, Fa0/14, Fa0/15
    Fa0/16, Fa0/17, Fa0/18, Fa0/19
    Fa0/20, Fa0/21, Fa0/22, Fa0/23
    Fa0/24, Gi0/1, Gi0/2
    5 Server/Management active Fa0/12
    10 Accounting active
    20 Marketing active
    30 Engineering active

    hostname Core


    no aaa new-model
    ip subnet-zero
    ip routing


    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id

    vlan internal allocation policy ascending


    interface FastEthernet0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/4
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/5
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/6
    switchport trunk encapsulation dot1q
    switchport mode trunk

    interface FastEthernet0/12
    switchport access vlan 5
    switchport mode access
    description DHCP_AD_DNS_Server
    interface Vlan1
    no ip address
    shutdown

    interface Vlan5
    ip address 192.168.1.2 255.255.255.0

    interface Vlan10
    ip address 192.168.0.1 255.255.255.0
    ip helper-address 192.168.1.1

    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.1.1

    interface Vlan30
    ip address 192.168.3.1 255.255.255.0
    ip helper-address 192.168.1.1

    router ospf 1
    log-adjacency-changes
    network 192.168.0.0 0.0.0.255 area 0
    network 192.168.1.0 0.0.0.255 area 0
    network 192.168.2.0 0.0.0.255 area 0
    network 192.168.3.0 0.0.0.255 area 0

    ip classless
    ip http server


    line con 0
    password Password123 <-Win2k3 demanded a strong pass so used it everywhere.:P
    login

    line vty 5 15
    password Password123
    login

    One of the Office Switches:


    hostname Office_B01L01


    interface FastEthernet0/1
    switchport mode trunk

    interface FastEthernet0/2
    switchport mode trunk

    interface FastEthernet0/3
    switchport access vlan 10
    switchport mode trunk

    interface FastEthernet0/4
    switchport access vlan 10
    switchport mode trunk

    interface FastEthernet0/5
    switchport access vlan 10
    switchport mode access

    <---blabla-->

    interface FastEthernet0/24
    switchport access vlan 30

    interface Vlan1
    no ip address
    no ip route-cache

    interface Vlan5
    ip address 192.168.1.6 255.255.255.0
    no ip route-cache

    interface Vlan10
    no ip address
    no ip route-cache

    interface Vlan20
    no ip address
    no ip route-cache

    interface Vlan30
    no ip address
    no ip route-cache

    line con 0
    password Password123
    login
    line vty 0 4
    password Password123
    login
    line vty 5 15
    password Password123
    login


    I ended up not needing to install the DHCP relay Agent in Win2k3 though. Worked fine without it.

    Thanks for all the Help though, atleast I got to try something else rather than getting stuck on the same problem all the time. To much Cisco makes you dumb.:P