Highlighted
htc_it_monkey
1 Copper

6624 vlan config, WISP network, untagged and tagged clients

Working for a WISP, trying to configure a Dell PowerConnect 6224 to pass both tagged and untagged packets. Was running as only untagged and service runs correctly. Some new equipment we are using requires a management vlan along with a customer data vlan. I have configured port xg4 (fiber port) as general with both the default untagged (1) and also with vlan tag 20. I have done the same to the additional ports that are required for our services to work. Port g23 is a backup line ran to our Ceragon radio equipment. The test piece of equipment only requires the management vlan, and must request DHCP from the EMS server. This is why I have not configured the customer vlan yet. I would like to see the requests coming back all the way to the server before enabling, as this requires me to move all of the customers to the new DHCP system. 1 step at a time, right?

To monitor this, I am watching for DHCP requests coming from a SkyPilot radio out in the field that is my test equipment. I see the DHCP requests coming back to the headend at the Ceragon but can not see the same requests at the switch using port mirroring of xg4 to g13, or when I set g13 as general and tagged as part of the same 20 vlan.

Part of the switch is our management vlan for our VMWare, and part of it is our iSCSI as you will see in the config below. I'm using the center section of the switch and xg4 to bring it all together, including customer internet access.  All services to customers have until this time been running untagged and vlan 1 but from this point we will be breaking the network down into vlan groups.

vlan 11  vmware

vlan 20 new field radio management

vlan 100 iSCSI for vmware

iSCSI-Sw1#show running-config 
!Current Configuration:
!System Description "PowerConnect 6224, 3.3.1.10, VxWorks 6.5"
!System Software Version 3.3.1.10
!Cut-through mode is configured as disabled
!
configure
gvrp enable
vlan database
vlan 11,20,100
vlan routing 20 1
exit
hostname "iSCSI-Sw1"
sntp unicast client enable
sntp server 69.25.96.13 priority 2
sntp server 132.163.4.101
clock summer-time recurring USA zone "ESTD"
clock timezone -5 minutes 0 zone "EST"
stack
member 1 1
exit
ip address 192.168.201.6 255.255.255.0


ip default-gateway 192.168.201.1
ip address vlan 100
ip routing
no ip helper enable
interface vlan 11
name "iSCSI"
exit
interface vlan 20
name "sp_mgmt"
routing
ip address 10.50.20.1 255.255.255.0
ip helper-address 192.168.128.2
ip helper-address 192.168.128.2 dhcp
exit
username "**********" password ******************** level 15 encrypted
no spanning-tree
sflow 1 destination owner public timeout 4288447719
sflow 1 destination 192.168.201.53
!
interface ethernet 1/g1
sflow 1 sampling 1024


sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g2
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g3
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g4
sflow 1 sampling 1024


sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g5
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g6
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport mode trunk
exit
!
interface ethernet 1/g7
sflow 1 sampling 1024


sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g8
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g9
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g10
sflow 1 sampling 1024


sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g11
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g12
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport access vlan 100
exit
!
interface ethernet 1/g13
sflow 1 sampling 1024


sflow 1 polling 30
switchport mode general
switchport general allowed vlan add 20 tagged
exit
!
interface ethernet 1/g14
sflow 1 sampling 1024
sflow 1 polling 30
switchport mode general
switchport general allowed vlan add 20 tagged
exit
!
interface ethernet 1/g15
sflow 1 sampling 1024
sflow 1 polling 30
exit
!
interface ethernet 1/g16
sflow 1 sampling 1024
sflow 1 polling 30
exit


!
interface ethernet 1/g17
sflow 1 sampling 1024
sflow 1 polling 30
switchport mode general
switchport general allowed vlan add 20 tagged
exit
!
interface ethernet 1/g18
sflow 1 sampling 1024
sflow 1 polling 30
switchport mode general
switchport general allowed vlan add 20 tagged
exit
!
interface ethernet 1/g19
storm-control broadcast
storm-control multicast
sflow 1 sampling 1024
sflow 1 polling 30
mtu 9216


switchport access vlan 11
exit
!
interface ethernet 1/g20
storm-control broadcast
storm-control multicast
sflow 1 sampling 1024
sflow 1 polling 30
mtu 9216
switchport access vlan 11
exit
!
interface ethernet 1/g21
storm-control broadcast
storm-control multicast
sflow 1 sampling 1024
sflow 1 polling 30
mtu 9216
switchport access vlan 11
exit


!
interface ethernet 1/g22
storm-control broadcast
storm-control multicast
sflow 1 sampling 1024
sflow 1 polling 30
mtu 9216
switchport access vlan 11
exit
!
interface ethernet 1/g23
storm-control broadcast
storm-control multicast
sflow 1 sampling 1024
sflow 1 polling 30
spanning-tree portfast
mtu 9216
switchport mode general
switchport general allowed vlan add 20 tagged
exit
!


interface ethernet 1/g24
sflow 1 sampling 1024
sflow 1 polling 30
gvrp enable
switchport mode general
exit
!
interface ethernet 1/xg4
spanning-tree disable
switchport mode general
switchport general allowed vlan add 20 tagged
exit
snmp-server community htc305 rw ipaddress 192.168.201.6
snmp-server community public rw ipaddress 192.168.201.6
exit
0 Kudos
2 Replies

Re: 6624 vlan config, WISP network, untagged and tagged clients

It looks like you are needing to set up IP Helper

IP Helper

The IP Helper feature allows the switch to forward certain configured UDP broadcast packets to a particular IP address. This allows various applications, such as the DHCP relay agent, to reach servers on non-local subnets, even if the application was designed to assume a server is always on a local subnet and uses broadcast packets (with either the limited broadcast address 255.255.255.255, or a network directed broadcast address) to reach the server.

You can configure relay entries both globally and on specific routing interfaces. Each relay entry maps an ingress interface and destination UDP port number to a single IPv4 address (the helper address). You can configure multiple relay entries for the same interface and UDP port, in which case the relay agent relays matching packets to each server address. Interface configuration takes priority over global configuration. In other words, if the destination UDP port of a packet matches any entry on the ingress interface, the packet is handled according to the interface configuration. If the packet does not match any entry on the ingress interface, the packet is handled according to the global IP helper configuration.

To relay UDP packets received on any interface for all default ports to the server at 20.1.1.1, use the following commands:

console#config

console(config)#ip helper-address 20.1.1.1

You can read about configuration options for IP Helper in the CLI Guide page 711.

CLI Guide - support.dell.com/.../cli_en.zip

Page 553 in the User Guide also.

User Guide - support.dell.com/.../ucg_en.zip

You may also need to be aware that the management VLAN is not routable.  If you need to route on VLAN 1 you can move the management VLAN with these commands.

console> enable

console# config

console (config)# vlan database

console (config-vlan)# vlan 99

console(config-vlan)# exit

console (config)# ip address vlan 99

console (config)# interface vlan 1

console (config-if-vlan1)# routing

Hope this helps,

Get Support on Twitter @DellCaresPro

Download the Dell Quick Resource Locator app today to access PowerEdge support content on your mobile device! (iOS, Android, Windows)

htc_it_monkey
1 Copper

Re: 6624 vlan config, WISP network, untagged and tagged clients

I got it figured out. The xg4 and the g24 ports are the same port basically and so I had to make my vlan configuration on g24. Yes, I had not put in the helper yet, as I was working step by step. I wanted to see the requests coming across the switch before going any further.

Thanks for the help!

0 Kudos