Unsolved
This post is more than 5 years old
23 Posts
0
166509
DHCP to VLAN not assigning
Hi Guys,
I think I may have a faulty 5448 switch here.
My network layout in brief :)
SW#1 6248 Layer 3 - as my 'core' router/switch
Ports setup mostly as vLAN 10 for the VM network, Cisco ASA
LAG Group 1 - connects to SW#4 (5448) in Building 1
LAG Group 2 - Connects to SW#5 (5448) in Building 1
SW#4 5448 in Building 1
LAG Group 1 connects to SW#1 as per above - usable ports setup as vLAN 20
SW#5 5448 in Building 1
LAG Group 1 connects to SW#1 as per above
LAG Group 2 connects to SW#6 (5448) in Building 2 - usable ports setup as vLAN 20
SW#6 - 5448 in Building 2
LAG Group 1 connects back to SW#5 as per above
LAG Group 2 connects to a SW#7 Netgear FS something or other 48 port POE L2 switch
Most Ports on this were set to vLAN20 during install 18 months ago and its been sitting there mostly unused except for as an uplink to SW#7 and my office
SW#7
LAG Group 1 connects back to SW#6
Ports a mixture of vLAN 20 and vLAN 30
Now I have the following vLANs setup: 10, 20, 30 and 40
vlan 10 = subnet 10.0.10.0/24
vlan 20 = subnet 10.0.20.0/24
vlan 30 = subnet 10.0.30.0/24
vlan 40 = subnet 10.0.40.0/24
All vLans, subnets etc are all setup and working on each switch, routing etc handled by L3 6248 switch - works fantastic. I have DHCP setup on a server on the 10.0.10.0/24 subnet. All my client PC's are on the 10.0.20.0/24 subnet in building one and connected to switches SW#5 and SW#4 as per above. IP-Helper setup on L3 Switch and all DHCP addresses assigning sweet to all devices all around the network - as advertised.
My office sits at the end of SW#7. I set myself up on vlan 30 and that subnet. DHCP has a scope for that subnet and I get a DHCP assigned IP from the correct subnet and there was much rejoicing. This has been functioning for 18 months without a single hiccup.
Now onto my issue...see...I told you it would be a brief description......I set the network up like this because I knew as the organisation expanded they would move departments into Building 2 with more office space. And they did, yesterday. SO my plan was to be clever and setup a new vLAN (vLAN40) for this department and configure the ports in their offices that connect to SW#6 to vLAN 40. Then I setup a new scope on the DHCP server and a new subnet on the Layer 3 switch, routing interface and all that Jazz....then I went through every LAG uplink and tagged the ports so that vLAN40 traffic could pass over it, tagged the server ports etc
But no matter what I do - no DHCP addresses hit those vLAN 40 ports on SW#6!! Even weirder - I can manually set an IP in that new subnet and it works fine on the network using those same vLAN 40 ports!! I can access data shares, printers, the DHCP server, the internet etc without any dramas at all. I know IP Helper is getting at least that far because the ports that were already assigned to vLAN 20 on it get a DHCP IP fine...and my PC's get DHCP IP's for my subnet via that switch up to my switch then onto my vLAN ports on SW7!.
I have tried setting one of those ports to my vLAN (30) and no 10.0.30.0 IP's are assigned to the device, I've tried vLAN 10 with no luck as well. I tried setting Port 10 to vLAN 40 with no luck then strangely I set that port to vLAN 20 - which works on ports I had set during install 18 months ago, and vLAN 20 IP's would not get assigned by DHCP! It seems that anytime I touch a port and reconfigure the vLAN no more DHCP IP's will get to that port - no matter what vLAN I put on it. I am hesitant to touch any of the previosuly configured vLAN 20 ports because they are working right now.....and I put the 10 PC's I needed to connect on them. They get a vLAN 20 IP via DHCP...but I know if I change one of them that port won't work anymore...even if I set it back to vLAN 20.
So, if you made it this far - congrats!!
Any ideas?? I have tried re-booting the switch many times. I've plugged a console cable in and taken a look at the config and nothing stands out..... I'm 'all ears' to any suggestions or thoughts. The only thing I can think of is that the switch is borked....or the config is corrupted somehow?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
March 28th, 2013 06:00
One of the things that can help with interoperability /operability of the switches, is having the firmware up to date on them. Easy to do, but does require a reboot of the switch.
5448
www.dell.com/.../powerconnect-5424
Your description was pretty in depth on how the switches are connected, and it sounds like you have the right idea on how they should be configured. But there still may be something misconfigured. I would like to take a look at the running config on SW#6 to see if we can spot any suggested changes.
From your description it sounds like you created VLAN 40 on SW#6 and SW#1, but what about on SW#5 and SW#7? The Trunk port is what you want, and it looks like you have VLAN 40 placed on the Trunk For the switches, but since SW#6 has to go through SW#5 and SW#6 to get to SW#1, then those switches also need to have VLAN 40 placed on them.
Thanks
Daver19_1df901
23 Posts
0
April 1st, 2013 17:00
Cheers for the response Daniel. I haven't had a chance to respond till today due to the long weekend for Easter - I am back in the office now ;)
In reply - Yes, I have created ALL of the vLANs on each switch. I have gone through and Tagged each LAG 'trunk' between each switch as appropriate for each vLAN...and I have checked and re-checked a dozen times :)
Here is the running-config on SW#6 - the one giving me the trouble :)
spanning-tree mode rstp
interface port-channel 1
spanning-tree portfast
spanning-tree cost 4
exit
interface port-channel 2
spanning-tree portfast
spanning-tree cost 4
exit
interface range ethernet g(1-6)
spanning-tree portfast
exit
interface range ethernet g(1-6)
spanning-tree cost 100
exit
interface port-channel 1
description "SW06 to SW05 Trunk"
flowcontrol on
exit
interface port-channel 2
description "SW06 to SW07 Trunk"
flowcontrol on
exit
interface range ethernet g(1-6)
flowcontrol on
exit
interface port-channel 1
switchport mode trunk
exit
interface port-channel 2
switchport mode trunk
exit
vlan database
vlan 10,20,30,40,999
exit
interface range port-channel (1-2)
switchport trunk allowed vlan add 10
exit
interface ethernet g12
switchport access vlan 20
exit
interface port-channel 1
switchport trunk allowed vlan add 20
exit
interface ethernet g13
switchport access vlan 30
exit
interface port-channel 1
switchport trunk allowed vlan add 30
exit
interface ethernet g10
switchport access vlan 40
exit
interface range port-channel (1-2)
switchport trunk allowed vlan add 40
exit
interface range ethernet g(25-48)
switchport access vlan 999
exit
interface range port-channel (1-2)
switchport trunk allowed vlan add 999
exit
interface vlan 10
name "vLAN 10"
exit
interface vlan 20
name "vLAN 20"
exit
interface vlan 30
name "vLAN 30"
exit
interface vlan 40
name "vLAN 40"
exit
interface vlan 999
name "vLAN 999"
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
interface range ethernet g(1,3,5,7)
channel-group 1 mode auto
exit
interface range ethernet g(2,4)
channel-group 2 mode auto
exit
iscsi target port 860 address 0.0.0.0
iscsi target port 3260 address 0.0.0.0
no iscsi enable
interface vlan 40
ip address 10.0.40.6 255.255.255.0
exit
interface vlan 1
ip address 192.168.1.4 255.255.255.0
exit
ip default-gateway 10.0.40.254
hostname xxxSW06
username switchadmin password xxxxxxxxxxxxxxxxxxxxxxxxxx level 15 encry
pted
snmp-server location "xxxxxxxxxx"
snmp-server contact "xxxxxxxxxx"
snmp-server community Dell_Network_Manager rw view DefaultSuper
clock timezone 10
asset-tag " xxxSW06"
Default settings:
Service tag: FNT07M1
SW version 2.0.0.35 (date 27-Jan-2009 time 18:13:34)
Gigabit Ethernet Ports
=============================
no shutdown
speed 1000
duplex full
negotiation
flow-control off
mdix auto
no back-pressure
interface vlan 1
interface port-channel 1 - 8
spanning-tree
spanning-tree mode STP
qos basic
qos trust cos
Again, as usual - any assistance is appreciated :)
Daver19_1df901
23 Posts
0
April 1st, 2013 22:00
OK, just to add a bit more <ADMIN NOTE: Substitute character removed as per TOU>?!?! to the mix :)
Been playing around for a few hours this morning and this is what I have found.
On my Netgear switch - at the end of several LAG trunks.....I can assign a port to vLAN 10, 20, 30 or 40 but then need to manually assign the correct PVID to the port and as soon as I do - BINGO - DHCP from my server (in vlAN 10) assigns the correct IP from one of its scopes - dependant on the vLAN. So DHCP gets there from the 6248 (SW1) to the 5448 (SW5) to the 5448 in this building (SW6) and then to SW7. As intended.
BUT, after further testing.....none of the Dell switches at all is assigning IP's to any other vLAN setup on their ports...at all....the ones that have been set to vLAN 20 the whole time since deployment are all still working OK.....but the second I touch them they won't work on the new vLAN or if I set them back to the old previously working vLAN. What I assumed to be only an issue with SW#6 seems to be happening on ALL the Dell switches.
I even tried setting port 13 on the 6248 to vLAN30 as a test and no IP would be assigned to it. Then tried setting that port to all the other vLANs one at a time - with no luck. Tested switch 14 the same way - no DHCP addresses assigned to the ports I tested. Repeated again with SW#5 and SW#6 again with no luck at all.
So...I'm kinda curious as to why with IP Helper enabled globally, pointing at my DC which is running DHCP Server, DNS etc doesn't let DHCP assign any IP's to ports on any Dell switch...but will pass through 3 switches to work fine on a Netgear switch??
Kinda stumped now......it obviously DID work when I set it up since switches #4 and #5 and #6 have about 60 ports setup on vlAN 20 that are working fine, and have been working fine for 18 months....but as soon as I touch any of them they will no longer let DHCP assign an IP to them!
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
April 2nd, 2013 06:00
Thanks for the additional information. Since we are seeing this situation when directly connected to the 6248, lets take a look at the ip helper commands we have in place on the 6248. Also the output of this show command may help also.
#Show ip helper statistics
On the DHCP server itself, is anything being logged on the server?
On a side note I noticed from global configuration you set the default gateway to an IP address that is in VLAN 40.
#ip default-gateway 10.0.40.254
What belongs to this IP address?
I also noticed that the 5448 firmware is out of date, which may mean that the 6248 is also out of date. The latest 6248 firmware does resolve some DHCP relay issues, and may be worth spending the time to install, just to make sure.
Daver19_1df901
23 Posts
0
April 2nd, 2013 08:00
result of a #show ip helper statistics:
DHCP client messages received.................. 314
DHCP client messages relayed................... 74
DHCP server messages received.................. 61
DHCP server messages relayed................... 61
UDP client messages received................... 3012
UDP client messages relayed.................... 1733
DHCP message hop count exceeded max............ 0
DHCP message with secs field below min......... 0
DHCP message with giaddr set to local address.. 0
Packets with expired TTL....................... 187
Packets that matched a discard entry........... 0
10.0.40.0/24 is my management vLan. My original network pre all my Dell switches was a simple 192.168.1.0/24 network. 18 months ago I deployed a vSphere 5 Essentials Kit with 2x Dell R720's, 1x MD3220i SAN etc. I took the opportunity to upgrade the network infrastructure at the same time and deployed a bunch of 5448's around the network to replace old Netgear switches (no vLANs in old environment) and a 6248 to control it all. The switches all had 192.168.1.0/24 static addresses but I have recently changed them all to the 10.0.40.0/24 range and set that subnet as vLAN 40. My PC is in that range and I can manage all the switches from that subnet.
I do not have a TFTP server setup at present to upgrade the firmware on the switches, I'll need to do that tomorrow when I return to the office - I suspect we are corresponding from opposite ends of the clock ;)
Just puzzled that the Netgear is allowing DHCP to assign the correct IP subnets whilst the Dell switches before it in the chain do not....
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
April 2nd, 2013 09:00
From the show command it appears that the switch is receiving but not relaying all the DHCP messages. Can we look at the running config on the 6248?