Question

Locked

3560 & 2 VLANs (DHCP issue)

By devdevil85 ·
I have (1) Cisco 3560 and I am wanting to create (2) port-based VLANs. IP addresses will be obtained via an external Windows 2003 DHCP Server. Port 22 is the only port in VLAN10 at the moment, while the others are in VLAN1.

DHCP Server = 192.168.1.1
Kentrox Router = 192.168.1.15

Here is my configuration thus far:

version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco_POE
!
enable secret 5
!
ip subnet-zero
ip routing
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.1.7 255.255.254.0
ip helper-address 192.168.1.1
!
interface Vlan10
ip address 192.168.10.1 255.255.254.0
ip helper-address 192.168.1.1
!
router rip
version 2
network 192.168.10.0
!
ip classless
ip default-network 192.168.1.0
ip route 0.0.0.0 0.0.0.0 192.168.1.15
ip http server
!
!
control-plane
!
!
!
end

Devices on VLAN1 are being issued IP addresses correctly, yet when I connect my laptop to port 22 (VLAN10) it is not obtaining an address and I am given an error.

I have created an address range (scope) for VLAN10 on the DHCP server, yet the laptop is unable to obtain an IP address via DHCP on port 22 (VLAN10). I am left unable to test whether I can get communication between the VLANs.

I am able to ping VLAN1 but not VLAN10 (if that helps).

Is there something that I am missing/doing wrong?

This conversation is currently closed to new comments.

78 total posts (Page 5 of 8)   Prev   03 | 04 | 05 | 06 | 07   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Access port

by CG IT In reply to Well from what I know...

do you use Access Ports?

you have 1 port on VLAN10 so what does it use to get to VLAN1? you have 23 ports on VLAN1 what port do you use for Access to your Kentrix router?

If it was me, I'd create static routes all to the Kentrix router.

Collapse -

Right now we only have 1 port in VLAN10 and

by devdevil85 In reply to Access port

My coworker's laptop was plugged into port 22 (VLAN10) and it was configured as an access port. All other 23 ports were nonconfigured, sitting in VLAN1. I know the Kentrox connects to the 3560, so I would guess that one of the ports could have been trunked, right?

CG, what would the route entry be for "VLAN10 traffic not destined to VLAN1 go to the Kentrox (for the internet/an outside network)"? that you said previously that you think I should enter...

You said, "If it was me, I'd create static routes all to the Kentrix router."

Do I create them for VLAN1 & 10?

Thanks

Collapse -

802.1Q trunking

by CG IT In reply to layer 3 device is a route ...

You use 802.1Q trunking to route between VLANs using "router on a stick". you need to divide the L3 device's interface into multiple addressable interfaces, 1 for each VLAN.

here's the command for the default route:

ip route 0.0.0.0 0.0.0.0 192.168.X.X where 192.168.X.X is the ip address of the next hop router.

if you use IP Classless, a packet with a destination on an unknown subnet or not on the directly connected subnet, the packet is sent to the default route to the next hop router. you already do ip classless [on by default] . without going through all posts, what is your 192.168.1.15 address? the L3 switch or your router?

Given that, your L3 device needs subinterfaces with addresses for both VLANs 1 and 10. the L3 device then can route packets between VLANs. your L3 device also needs ip classless and the default route to the next hop.

Do you need the commands for that?

Collapse -

The Kentrox Router is

by devdevil85 In reply to 802.1Q trunking

192.168.1.15

The 3560 is 192.168.1.7

Hmm....so I need to use 802.1Q trunking on a Routed Port on the 3560, right?

And then I need to divide the "Routed Port" into multiple subinterfaces, right?

I remember how to do it on the Router itself, but as you already know we want this to be a "router on a stick" and to eliminate any Kentrox activity except for getting us to the net.

Collapse -

well your L3 device is a router in Cisco terms

by CG IT In reply to The Kentrox Router is

you should be able to configure sub interfaces on the 3500 for VLANs if it's a layer 3 device [Cisco layer 3 device]

you should also be able to configure the default route on the 3500 which says, send all traffic not destined for VLAN1 or VLAN10 hosts to the Kentrox. that's the ip classless / ip route commands

Typically, I don't design infrastructure with a layer 3 switch doing routing functions but I'm old school where we used layer 2 devices for all switching and layer 3 for routing. I know Cisco created layer 3 switches to cut down on infrastructure hardware but.... if it was me, I'd have a 1800 in there doing routing between VLANs on the 3500 and leave the 3500 to just do switching. Waste of the 3500 capabilities but it does make configuration simpler.

Collapse -

Sadly I would use the Kentrox, but the boss

by devdevil85 In reply to well your L3 device is a ...

is disappointed that we aren't utilizing the extra horsepower and really wants to see if we can get the 3560 to be used as both a L2 switch AND a layer 3 router (for the inter-vlan routing). That way if we implement this solution to other parts of the company or for other clients we will have something to go by.

CG, what would the default route look like that says "send all traffic not destined for VLAN1 or VLAN10 hosts to the Kentrox". I'm kind of new to writing statements like that so...., but I know how to write direct statements that says specific traffic needs to go To something From something...but not as general as this....

Collapse -

The default route should be

by Dumphrey In reply to Sadly I would use the Ken ...

ip route 0.0.0.0 0.0.0.0 (ipaddress of the kentronics iface connected to the 3560)

The 3560 and kentronics need to be on a seperate subnet (/30) then either vlan1 or vlan10.

to simplify, vlan1 is 192.168.1.0/24
vlan10 is 192.168.10.0/24

Collapse -

Waste....

by Dumphrey In reply to well your L3 device is a ...

we have a catalyst 4008 with 3 10/100 banks and 8 fiber ports (7 unused) doing nothing but passive switching...

Collapse -

The default route on the l3 switch

by Dumphrey In reply to 802.1Q trunking

needs to bee on a seperate subnet then vlan1 or vlan10, you have 2 networks on your device and you need 3. 1 for vlan1, 1 for vlan10, and 1 to connect to your router/firewall.

Collapse -

Whoa...I'm confused

by devdevil85 In reply to The default route on the ...

Why would I need to create a 3rd subnet? I figured that it had to be bad configuration for VLAN10 as the reason for why it can't reach the internet/receive DHCP information, and that I just need to change the GW on VLAN1 devices to the 3560 itself and not the Kentrox and that I need to create an SVI/L3 port on the 3560 and then have to point the L3 SVI port on the 3560 to the Kentrox....I feel like I just need to point the correct devices to their next respective hops w/o pointing them to devices that are 1 hop too far.....

but I honestly am new to this just like you (read you bio) so maybe I'm totally wrong....but I just don't see why I'd need to create a 3rd sub-network.....

Back to Networks Forum
78 total posts (Page 5 of 8)   Prev   03 | 04 | 05 | 06 | 07   Next

Related Discussions

Related Forums