7 Replies Latest reply: May 13, 2012 3:25 AM by eugen RSS

    1 DHCP Server 2 VLAN's on one interface

    ShaneS

      Im trying to get past this issue with testing for a VOIP soltion.

       

      I have a Layer 2 switch Cisco SGE2000 and a 1841 Cisco router

      There is a phone system on 172.20.26.x and a data network on 172.20.31.x - for the VLANS Im using 1 for the data and 26 for the Voice

       

      everything seems to work fine but the phones get the orginal scope IP DHCP as expected and are told to look at the 26Vlan which they do, however they cant find the DHCP. Any ideas? The helper is set but doesnt seem to have any effect.

       

      The important parts of the Cisco is setup as follows:

       

      interface FastEthernet0/0.1

      encapsulation dot1Q 1 native

      ip address 172.20.31.1 255.255.255.0

      !

      interface FastEthernet0/0.26

      encapsulation dot1Q 26

      ip address 172.20.26.2 255.255.255.0

      ip helper-address 172.20.31.10

      !

      interface FastEthernet0/1

      ip address 172.20.11.2 255.255.255.0

      ip mtu 1496

      ip tcp adjust-mss 1456

      load-interval 30

      duplex auto

      speed auto

      service-policy output LLQ

      !

      interface FastEthernet0/1/1

      duplex full

      speed 100

      !

      interface FastEthernet0/1/2

      !

      interface FastEthernet0/1/3

      !

      interface Vlan1

      ip address 172.20.21.2 255.255.255.0

      load-interval 30

      !

      ip route 0.0.0.0 0.0.0.0 172.20.21.1

      ip route 172.20.10.0 255.255.255.0 172.20.11.1

      ip route 172.20.11.0 255.255.255.0 FastEthernet0/1

      ip route 172.20.12.0 255.255.255.0 172.20.11.1

      ip route 172.20.20.0 255.255.255.0 172.20.11.1

      ip route 172.20.22.0 255.255.255.0 172.20.11.1

      ip route 172.20.25.0 255.255.255.0 172.20.11.1

      ip route 172.20.30.0 255.255.255.0 172.20.11.1

      ip route 172.20.31.0 255.255.255.0 FastEthernet0/0

      ip route 172.20.32.0 255.255.255.0 172.20.11.1

      ip route 202.83.76.0 255.255.255.224 ATM0/0/0.1

      !

      logging trap debugging

      logging source-interface ATM0/0/0.1

      logging 172.20.31.10

      access-list 101 permit ip host 172.20.21.4 host 172.20.20.4

      access-list 101 permit ip host 172.20.20.4 host 172.20.21.4

      access-list 101 permit ip host 172.20.21.4 host 172.20.22.4

      access-list 101 permit ip host 172.20.22.4 host 172.20.21.4

      access-list 102 permit ip host 172.20.21.3 host 172.20.20.3

      access-list 102 permit ip host 172.20.20.3 host 172.20.21.3

      access-list 102 permit ip host 172.20.21.3 host 172.20.22.3

      access-list 102 permit ip host 172.20.22.3 host 172.20.21.3

      !

      control-plane

      !

       

        • 1. Re: 1 DHCP Server 2 VLAN's on one interface
          Daniel

          Hi Shane,

           

          You posted your router config which IMO looks fine, considering the ip-helper address commands and all.

           

          But how is your switch configured?

          Normally when implementing cisco VOIP you need to understand that most telephones are actually a 3 port switch built-in wihin the phones.

           

          And I can't say if this is why your DHCP is not working or not, but i believe you have perhaps misconfigured your switchport where you connect the phone? So that the VLAN-taggings are not working correctly all the way.

           

          In your case this is how i would configure the voice vlan 26.

           

          Switch#configure terminal

          Switch(config)#interface fastethernet x/x (your switchport here of course)

          Switch(config-if)#switchport mode access

          Switch(config-if)#Switchport access vlan 1 (since this was your data vlan)

          Switch(config-if)#switchport voice vlan 26

           

          That would tag voice-traffic to belong to vlan 26 and data traffic to be tagged as vlan 1, should you connect the phone to a PC which is very common.

           

          On top of that i'd recommend using QoS in your network if using VOIP, but that's another story.

           

          I may be totally off in the wrong direction here, but im just guessing that you have not configured a voice-vlan on your access-port on your switch, which may explain why it doesn't get your DHCP-broadcast.

           

          HTH

          -Daniel

          • 2. Re: 1 DHCP Server 2 VLAN's on one interface
            eugen

            Hi Shane,

             

            I would like to ask, why have you configured a subinterface for vlan 1 and also you have interface vlan 1 configured with an IP address?

            I guess your switch is connected to the Fastethernet0/1/1 on the router. Is that correct?

            Is the switch port that connects to the router a trunk port? If not you need to configure it as a trunk port that will carry all vlans. If is is an access port by default it will carry only vlan 1 traffic and vlan 26 traffic will be dropped.

             

            Hope this helps

            Eugen

            • 3. Re: 1 DHCP Server 2 VLAN's on one interface
              Daniel

              Good catch eugen, I totally missed that .

               

              Either way, that's why i asked how the switch was configured as it points to a false configuration there. You brought up an interesting question ... i wonder what state "show ip int brief" on the router would say that Vlan1 interface is in.

               

              Considering it's better to use Loopback0 interface for the purpose of management...i still don't think that vlan1 interface is messing with the dhcp-process, since interface vlan1 should not be confused with the switch terminology of VLAN1.

               

              In this configuration i assume the switch is connected on interface fa0/0 , not 0/1/1. But until we get the switch configuration this is just speculations.

               

              -Daniel

              • 4. Re: 1 DHCP Server 2 VLAN's on one interface
                eugen

                Hi Daniel,

                Thats the way, we miss some we catch some. Maybe because I have four eyes.

                I thought the switch is plugged in 0/1/1 cos I see some duplex configuration while other interfaces have nothing.

                My 2 cents is that the switch port connected to the router is an access port and uses the default vlan 1.

                 

                Eugen

                • 5. Re: 1 DHCP Server 2 VLAN's on one interface
                  ShaneS

                  Hi guys the router is doing several other things here as well.

                  So the Switch is plugged into a 4 port HWIC card.
                  The switch is set on its port to the router to Trunk correctly.

                  • 6. Re: 1 DHCP Server 2 VLAN's on one interface
                    Daniel

                    Hi again Shane,

                     

                    I'm sorry but that doesn't really help us. We need to know how the switch is configured, or parts of it at least, if we are to be able to help you. As the router configuration looks solid, the failed configuration points to VLANs or switch-configuration.

                     

                    When you say that the switch is plugged into a 4-port HWIC card....does this mean that your switch is interconnected with another switch or another router as well?

                     

                    are you using other vendors than cisco during this installation ANYWHERE in your network? I see that you are using VLAN 1 as native VLAN, some vendors TAG VLAN1 which means that when they arrive to a cisco-device they'd be dropped since they're TAGGED.

                     

                    There's just too much missing information to be able to help you, since the router configuration looks OK IMO.But i'd start troubleshooting the switch-configuration first to be sure that the switch is forwarding everything correctly to your router. My tech-tip: plug in something between your router and switch in vlan 26 and use wireshark to see what's happening.

                     

                    Also make an access-port member of VLAN 26 in your SGE2000 switch, take a laptop with you and try setting ip and default gateway for vlan 26. Can you ping 172.20.26.2 from this PC? If you can, there's nothing wrong with your VLAN and trunk (except perhaps inter-vendor native vlan).

                     

                    Then i'd troubleshoot your phones, because like i said they are a three-port switch if you open them up. And again, remember that your switch-port must be configured for a voice vlan AND another access-vlan. It's NOT enough with just the access-vlan, so if it's configured with "switchport access vlan 26" it's wrong - just to be clear.

                     

                    Edit: on a side note, i took another look at your router config and the 1841 platform is limited and best used with a router-on-a-stick configuration, what you can try is disable interface vlan1 to see if it works. This looks pretty much like a productional network but, if you are trying to use the 1841 for layer 3 switching i'd advice to stick with a router-on-a-stick configuration.

                     

                    -Daniel

                    • 7. Re: 1 DHCP Server 2 VLAN's on one interface
                      eugen

                      Hi Shane, if your switch is connected to the 4 port switch module in the router, why do you have configured fa0/0 with subinterfaces for vlans? The switch needs to be connected to the Fa0/0 on the router to take advantage of router-on-a-stick configuration you have as Daniel mentioned above.