Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


15 posts

Geek
+1 received by user: 35


Topic # 127174 1-Aug-2013 15:08
Send private message

Hi, hopefully someone will read this and go 'Ah ha, you are missing something obvious - do this..' and I'll be on my way. :)

I have an issue whereby a Win 2K server running DHCP which resides on a 192.168.10.x network will issue DHCP to any hosts on the same subnet, but not on any other routed VLAN subnets. Eg. 192.168.0.x or 192.168.20.x networks.

The L3 switch I have is set up for inter-VLAN routing with virtual interfaces set - and hosts can reach each other on any of the VLANs to any of the other VLANs currently. They all can access the firewall and  and onwards to the net. Outside of the 192.168.10.x network the other hosts work when I set static IP details.

Interestingly, if I have a host on the same subnet as the DHCP server (eg with 192.168.10.10 address) it is pingable from any other VLAN (eg from a host at 192.168.20.10) BUT my W2K DHCP server (at 192.168.10.1 for example) is not able to be pinged from that 20.10 machine. The server can be pinged on the same subnet though.

This is in a home network lab that I've set up for testing / learning and the 'Server' is actually an old desktop with an old Realtek GB NIC installed and I'm wondering if the issues I'm having come down to the NIC somehow dropping the frames from other VLANs or something like that? I'm no expert so I am sure I am overlooking something really basic here.

By the way, the switch is set up to relay the DHCP using IP Helper addresses on each of the VE's, so I'm fairly certain that config is OK (famous last words). Also, I've tried doing the relay through the firewall (placing the server on a DMZ and setting rules between that and the internal lan) - all things point to being a communication problem from 1 VLAN to the specific server address when on another.

The only problem is, I don't currently have any other network cards to test in the machine - but if it would solve the issue (assuming that is the issue) then I will buy a new NIC. Can't stretch to a proper server just yet :)

Obviously looking for any hints or tips or things to try. Its not a production network obviously so I can break or reconfig anything to solve.

TIA.

Create new topic
2522 posts

Uber Geek
+1 received by user: 937

Subscriber

  Reply # 870037 1-Aug-2013 15:13
Send private message

If the DHCP servier is on a different VLAN it won't allocate IPs. Until a device within the VLAN has an IP and a valid local gateway to allow routing out to the other VLANs, it has no connectivity to them. Your best bet is to set up DHCP relay on the other VLAN(s) to forward DHCP requests to your DHCP server, with a different scope set up for each VLAN.




Windows 7 x64 // i5-3570K // 16GB DDR3-1600 // GTX660Ti 2GB // Samsung 830 120GB SSD // OCZ Agility4 120GB SSD // Samsung U28D590D @ 3840x2160 & Asus PB278Q @ 2560x1440
Samsung Galaxy S5 SM-G900I w/Spark

2091 posts

Uber Geek
+1 received by user: 848


  Reply # 870040 1-Aug-2013 15:15
Send private message

DHCP Helpers (or ip helper, or dhcp relay) is usually configured on each VLAN that has devices you wish to receive leases on, and points to the IP of your DHCP server.

Your DHCP server must have individual scopes for each network, with the router/gateway set to the ip of the VLAN interface on your switch.

If that is done, it will work.

Edit: Sorry, just reread your post, what is your routing setup? Everything needs to point to a central point for it to work - sounds like that should be your switch. What is the default gateway on your server?

2nd Edit: Your server has no visibility of VLANs, it sees a single piece of Ethernet. Unless you are running higher end NICs that are VLAN aware (and configured appropriately) packets from other VLANs are just routed and look the same as other packets


3rd Edit: Not happy with the last two, what your network should look like e.g.

192.168.10.1 - Interface on your Layer 3 Switch
192.168.10.10 - Your Server

Your server should have 192.168.10.1 as the gateway
Your DHCP Scopes should include a scope for 192.168.20.0/24 with 192.168.20.1 as the Router/Gateway

192.168.20.1 - Interface on your Layer 3 Switch - IP Helper configured here pointing to 192.168.10.1
192.168.20.10 - Random Device

Device should have 192.168.20.1 as the gateway




15 posts

Geek
+1 received by user: 35


  Reply # 870041 1-Aug-2013 15:19
Send private message

Thanks for the reply. I have set up the DHCP to be relayed between VLANs - each of the VLAN's have their own virtual interface address (eg for the 192.168.10.0 network, the VE address is 192.168.10.254 for example - with an IP Helper (relay) address on that VE for the DHCP server - eg 192.168.10.1). From what I understand so far, the relay will take the DHCP discovery from the subnet the device looking for DHCP is attached to, and forward it between VLAN to the subnet that the DHCP server resides on. I could be wrong through.

The curiosity comes in the fact that the only host on that subnet that cannot be 'pinged' from other VLANs is the DHCP server.

Maybe I've set the relay up incorrectly?


2091 posts

Uber Geek
+1 received by user: 848


  Reply # 870043 1-Aug-2013 15:21
Send private message

What is the default gateway on your server.



15 posts

Geek
+1 received by user: 35


  Reply # 870045 1-Aug-2013 15:25
Send private message

wasabi2k: What is the default gateway on your server.


On the server, the default gateway is the VE address - my static entry on the server NIC reads
IP - 192.168.10.1
Subnet 255.255.255.0
DG 192.168.10.254


2522 posts

Uber Geek
+1 received by user: 937

Subscriber

  Reply # 870062 1-Aug-2013 15:28
Send private message

Can the DHCP server ping devices on other VLANs? Are you doing any sort of VLAN tagging on the DHCP server NICs?




Windows 7 x64 // i5-3570K // 16GB DDR3-1600 // GTX660Ti 2GB // Samsung 830 120GB SSD // OCZ Agility4 120GB SSD // Samsung U28D590D @ 3840x2160 & Asus PB278Q @ 2560x1440
Samsung Galaxy S5 SM-G900I w/Spark



15 posts

Geek
+1 received by user: 35


  Reply # 870067 1-Aug-2013 15:32
Send private message


3rd Edit: Not happy with the last two, what your network should look like e.g.

192.168.10.1 - Interface on your Layer 3 Switch
192.168.10.10 - Your Server

Your server should have 192.168.10.1 as the gateway
Your DHCP Scopes should include a scope for 192.168.20.0/24 with 192.168.20.1 as the Router/Gateway

192.168.20.1 - Interface on your Layer 3 Switch - IP Helper configured here pointing to 192.168.10.1
192.168.20.10 - Random Device

Device should have 192.168.20.1 as the gateway



Sorry - just noticed your edits - and appreciate your input.

I *think* I'm set up as you suggested here - each of the VLANs I set up have a virtual ethernet address (set as .254 on each range). Each of the hosts within that subnet (when set up statically) have the default gateway pointing to the .254 address which is the VE.

The scopes I have set up under DHCP are separate for each VLAN subnet and have the GW pointing to the VE on each subnet (eg scope 192.168.20.0/24 gateway address is 192.168.20.254) and the routing table on the switch is set so that inter VLAN switching 'works' between subnets, fine.


2522 posts

Uber Geek
+1 received by user: 937

Subscriber

  Reply # 870073 1-Aug-2013 15:39
Send private message

Ok, so you've got something like
VLAN10 - 192.168.10.0/24
Gateway 192.168.10.254
DHCP Server 192.168.10.1
VLAN20 - 192.168.20.0/24
Gateway 192.168.20.254
DHCP Relay -> 192.168.10.1 scope 192.168.20.0/24

What is doing your DHCP relaying, presumably your switch?




Windows 7 x64 // i5-3570K // 16GB DDR3-1600 // GTX660Ti 2GB // Samsung 830 120GB SSD // OCZ Agility4 120GB SSD // Samsung U28D590D @ 3840x2160 & Asus PB278Q @ 2560x1440
Samsung Galaxy S5 SM-G900I w/Spark



15 posts

Geek
+1 received by user: 35


  Reply # 870083 1-Aug-2013 15:47
Send private message

Inphinity: Ok, so you've got something like
VLAN10 - 192.168.10.0/24
Gateway 192.168.10.254
DHCP Server 192.168.10.1
VLAN20 - 192.168.20.0/24
Gateway 192.168.20.254
DHCP Relay -> 192.168.10.1 scope 192.168.20.0/24

What is doing your DHCP relaying, presumably your switch?


Yep that's correct. The switch is doing the relaying. The config is as you have put it above. The relay address I'm pointing to on each VLAN gateway is the server address of 192.168.10.1.



15 posts

Geek
+1 received by user: 35


  Reply # 870094 1-Aug-2013 15:59
Send private message

AAARGH.

Really sorry guys, but everything is working as it should now. Rookie mistake - I hadn't written the config changes to flash on the switch and it had some old ACL stuff that I was playing with causing the problems. I feel like a dolt. Sorry, but thanks a lot for the replies in any event!

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.