Unsolved
This post is more than 5 years old
29 Posts
0
179377
Getting DHCP through Dell 6224 VLANs
Hello,
I have a very simple setup in my test lab that I am having trouble getting working. I have a Dell PowerConnect 6224 (Layer 3) and a Dell PowerConnect 2724 (Layer 2), two laptops and a Windows 2008 server setup as a domain controller.
My 6224 has 3 VLANs setup on it, 10, 20 & 30.
My 2724 also has the 3 VLANs setup on it. I have a connection from each VLAN on the 6224 to matching VLAN on the 2724.
I am using the 6224 to be able to route the VLANs, such that they can all communicate with each other.
I need VLANs because we need more IP Addresses than one subnet can provide and to minimize MultiCast traffic on my main office network.
Currently I have all three of my PCs plugged into the 2724 on the three different VLANs. The domain controller is on a port with all three VLANs, 10,20 and 30 and this port is Tagged on all three. There is a laptop on VLAN 20 and a Laptop on VLAN 30. Everything works great. I was able to add the laptops to the domain, and they are getting DHCP addresses.
The problem is that when I move the 6224 onto my real network, I am going to want the Domain Controller to be directly connected to the 6224, not to another switch. When I try to duplicate this in my lab it does not work.
I moved the Domain Controller to port 7 on the 6224, gave it access to all 3 VLANs and set them as Tagged. But when I do that I cannot see the Domain Controller from the laptops. Am I missing a step? Can this be done?
Also, I am know unable to access the web interface on the 6224? Can someone tell me how I do that?
Here is my running config:
!Current Configuration:
!System Description "PowerConnect 6224, 3.3.1.10, VxWorks 6.5"
!System Software Version 3.3.1.10
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 2,10,20,30
vlan routing 10 1
vlan routing 20 2
vlan routing 30 3
exit
stack
member 1 1
exit
ip address 172.16.1.254 255.255.255.0
ip address vlan 2
ip routing
ip helper-address 172.16.10.10 dhcp
interface vlan 10
routing
ip address 172.16.10.254 255.255.255.0
exit
interface vlan 20
routing
ip address 172.16.20.254 255.255.255.0
exit
interface vlan 30
routing
ip address 172.16.30.254 255.255.255.0
exit
username "admin" password 80f3be0c63f2722b4293c531e1e7a09f level 15 encrypted
!
interface ethernet 1/g1
switchport access vlan 10
exit
!
interface ethernet 1/g2
switchport access vlan 20
exit
!
interface ethernet 1/g3
switchport access vlan 30
exit
!
interface ethernet 1/g7
switchport mode general
switchport general allowed vlan add 10,20,30 tagged
exit
!
interface ethernet 1/g24
switchport mode general
switchport general allowed vlan add 2
exit
snmp-server community public rw ipaddress 172.16.10.14
exit
console#
Thanks for you help.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 10th, 2012 13:00
Ok lets run show interface status, to check the link status of the ports. As well as show mac address-table, to see if the switch is learning the MAC address of the devices connected.
eric117
29 Posts
0
October 10th, 2012 13:00
1. No
2. No
3. No
4. No that is the Gateway address on the 6224. I have not set any ips on the 2724...i didn't think I had to.
5. I moved the Laptop to port 15 on the 6224 and set port 15 to access mode vlan 20. I was then able to ping the Server. I could also then ping the laptop from the Switch...but not the switch from the laptop??
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 11th, 2012 06:00
Looking at the result of the show commands we can see that port 24 is not learning the MAC address of the port on the 2724. Looking back through the configuration there is something I missed. The 6224 has the management VLAN set to 2, which any untagged traffic will fall onto. While the 2724 management VLAN is VLAN 1, and cannot be changed. So to help troubleshoot the communication issue lets try these out.
1. On the 6224 lets change the management VLAN back to VLAN 1 so that the 6224 and 2724 are sending untagged on the same VLAN.
2. If you have a different cable that we can swap between the 6224 and 2724, just to double check and make sure the cable is good.
3. Try changing the ports being used. So right now we have port 24 on the 6224 connected to port 24 on the 2724? Try changing that to a different port on each switch and config those ports also.
Test communication after each change, and keep us updated.
Thanks.
eric117
29 Posts
0
October 11th, 2012 13:00
Nothing.
I change the Management VLAN back to 1, switched to a cable that I know is good, and changed the port on both switches to 18. I still get no communication between the two.
I tried another switch (LANTECH LES-2224C) and I was unable to get a connection there either.
Is using the Trunk setting on the 6224 the wrong thing? Do I have to do it as three separate connections? One for each VLAN?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 11th, 2012 14:00
Yes I am certain, General mode is the mode we want to use. On the 27424 do we have any link lights coming on for the port that plugs into the 6224?
Something else that may help is taking the 2724 out of management mode and then putting it back into management mode. Kind of like a reboot.
A Managed Mode push-button, located on the far right side on the front panel, sets the device
management mode.
Managed Mode Button
The PowerConnect 2708/2716/2724/2748 has a Managed Mode push button on the front panel.
The Managed Mode button is for changing between Managed Mode and Unmanaged (or
Secure) Mode. After a change from Unmanaged (or Secure) Mode to Managed Mode, the
switch restores the configuration values to factory default settings.
From Unmanaged or Secure Mode (2748 only), pressing the Managed Mode button causes:
• Factory default configuration (192.168.2.1) is set as the switch IP address.
• Subnet mask changes to 255.255.255.0
• Graphical User Interface (GUI) login user name changes to Admin, and the password is not
configured (appears blank), with Read/Write privilege.
• The DHCP client is set off.
• The device is rebooted.
eric117
29 Posts
0
October 11th, 2012 15:00
Ok...so this is very strange....it is working now...and I don't think I changed anything....
The one thing I did do was to power cycle the 2724 when I tested that Lantech switch.
Also, I found that when I had setup Port 18 I had set it up as a Trunk not General and that worked, so I switched port 24 to Trunk and now that works.
I am still having one strange issue. If I plug my pcs into the 20 or 30 vlans I get an ip address from my server, but if I plug them into the 10 vlan i don't get an ip. Could this have something to do with the Server being on only VLAN 10?
Here is my current running config:
console#show running-config
!Current Configuration:
!System Description "PowerConnect 6224, 3.3.4.1, VxWorks 6.5"
!System Software Version 3.3.4.1
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 2,10,20,30
vlan routing 10 1
vlan routing 20 2
vlan routing 30 3
exit
stack
member 1 1
exit
ip address 172.16.1.254 255.255.255.0
ip routing
ip route 172.16.10.0 255.255.255.0 172.16.10.2
ip route 172.16.20.0 255.255.255.0 172.16.20.2
ip route 172.16.30.0 255.255.255.0 172.16.30.2
ip helper-address 172.16.10.10 dhcp
interface vlan 10
routing
ip address 172.16.10.254 255.255.255.0
exit
interface vlan 20
routing
ip address 172.16.20.254 255.255.255.0
ip helper-address 172.16.10.10 dhcp
exit
interface vlan 30
routing
ip address 172.16.30.254 255.255.255.0
ip helper-address 172.16.10.10 dhcp
exit
username "admin" password 80f3be0c63f2722b4293c531e1e7a09f level 15 encrypted
dhcp l2relay
!
interface ethernet 1/g1
dhcp l2relay
switchport access vlan 10
exit
!
interface ethernet 1/g15
switchport access vlan 20
exit
!
interface ethernet 1/g18
switchport mode trunk
switchport trunk allowed vlan add 10,20,30
exit
!
interface ethernet 1/g24
switchport mode trunk
switchport trunk allowed vlan add 10,20,30
exit
exit
console#
DELL-Willy M
802 Posts
0
October 11th, 2012 16:00
That is good to hear that you have it working.
interface vlan 10
routing
ip address 172.16.10.254 255.255.255.0
exit
interface vlan 20
routing
ip address 172.16.20.254 255.255.255.0
ip helper-address 172.16.10.10 dhcp I do not see this specified for VLAN 10 interface above
exit
interface vlan 30
routing
ip address 172.16.30.254 255.255.255.0
ip helper-address 172.16.10.10 dhcp
exit
Looks like you need to run these commands to get the ip helper address on the VLAN 10 interface.
console# config
console(config)# interface vlan 10
console(config-if)# ip helper-address 172.16.10.10
Hope this helps,
eric117
29 Posts
0
October 12th, 2012 07:00
I attempted to add the IP Helper-address to vlan 10 and got this message:
"Server cannot be in a subnet on an interface where the helper address is configured."
Does this mean my servers need to be on another VLAN?
Also, my DCHP is working on VLANs 20 and 30 but not my ability to add a system to the domain. Is there another IP Helper-address command that I need to add?
Thanks again for all your help.
DELL-Willy M
802 Posts
1
October 12th, 2012 16:00
Have we actually run the ip helper enable command?
Console# config
Console(config-if)# ip helper enable
We can also look at the configuration with this command.
Console# show ip helper-address
The definition of IP helper:
IP Helper
Provides the ability to relay various protocols to servers on a different subnet.
Based on that I advised you incorrectly that we need the ip helper on VLAN 10 since it is on the same subnet as the DHCP server. Are you able to ping the DHCP server from the VLAN 10 interface?
eric117
29 Posts
0
October 15th, 2012 07:00
Yes...here is what I get when i do show ip helper-address:
console#show ip helper-address
IP helper is enabled
Interface UDP Port Discard Hit Count Server Address
-------------------- ----------- ---------- ---------- ------------------
vlan 20 domain No 0 172.16.10.10
vlan 20 dhcp No 3591 172.16.10.10
vlan 30 domain No 0 172.16.10.10
vlan 30 dhcp No 2694 172.16.10.10
Any domain No 0 172.16.10.10
Any dhcp No 52 172.16.10.10
console#
Again...I am getting DHCP addresses on VLAN 20 and 30, but not 10 because of the error above. And I am unable to add systems to my domain. The domain server is the same as the DHCP server and is on VLAN 10.
eric117
29 Posts
0
October 15th, 2012 07:00
Ok, you can ignore the domain question, that is actually working. My domain is called VLANTEST, and when I put that in it did not work. But when i put in VLANTEST.com it did.
But I am still not getting DHCP on VLAN 10....
eric117
29 Posts
0
October 15th, 2012 08:00
Sorry, I missed the last part of your question....
I put one of the Laptops on the 10 VLAN and assigned it a static address. I cannot ping the server or other systems on the other VLANs.
Thanks.
DELL-Willy M
802 Posts
1
October 15th, 2012 10:00
If your not able to ping with a static IP in the same 172.16.10.0 network then that would explain why you are DHCP is not resolving for VLAN 10.
What we need to do is isolate where the break down is in the routing/communication between the laptop in VLAN 10 and your DHCP.
Routing seems to be working for VLANs 20 & 30 since DHCP is working.
If you are on the switch can you ping a device connected to an interface with access mode for VLAN 10 and a static IP for the 172.16.10.0 network? You might try a trace route from the laptop with static IP connected to VLAN 10 interface to DHCP and see how far it gets then we can look at what is needed to resolve.
What is you routing table look like.
console# show ip route
eric117
29 Posts
0
October 17th, 2012 14:00
Ok...so I am back to the original problem. I tried to setup another VLAN so that I would not need to have systems on the 10 VLAN. I reset each Laptop and created a new DHCP Scope for the new VLAN (40).
Once again I am unable to get any DHCP activity between switches. I even tried another 2724 switch (attached to port 1/g23). Still nothing.
Here is my current Running Config:
console#show running-config
!Current Configuration:
!System Description "PowerConnect 6224, 3.3.4.1, VxWorks 6.5"
!System Software Version 3.3.4.1
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 2,10,20,30,40
vlan routing 10 1
vlan routing 20 2
vlan routing 30 3
vlan routing 40 4
exit
stack
member 1 1
exit
ip address 172.16.1.254 255.255.255.0
ip routing
ip route 172.16.10.0 255.255.255.0 172.16.10.2
ip route 172.16.20.0 255.255.255.0 172.16.20.2
ip route 172.16.30.0 255.255.255.0 172.16.30.2
ip route 172.16.40.0 255.255.255.0 172.16.40.2
ip helper-address 172.16.10.10 domain
ip helper-address 172.16.10.10 dhcp
interface vlan 10
routing
ip address 172.16.10.254 255.255.255.0
exit
interface vlan 20
routing
ip address 172.16.20.254 255.255.255.0
ip helper-address 172.16.10.10 domain
ip helper-address 172.16.10.10 dhcp
exit
interface vlan 30
routing
ip address 172.16.30.254 255.255.255.0
ip helper-address 172.16.10.10 domain
ip helper-address 172.16.10.10 dhcp
exit
interface vlan 40
routing
ip address 172.16.40.254 255.255.255.0
ip helper-address 172.16.10.10 domain
ip helper-address 172.16.10.10 dhcp
exit
username "admin" password 80f3be0c63f2722b4293c531e1e7a09f level 15 encrypted
dhcp l2relay
!
interface ethernet 1/g1
dhcp l2relay
switchport access vlan 10
exit
!
interface ethernet 1/g15
switchport access vlan 10
exit
!
interface ethernet 1/g23
switchport mode trunk
switchport trunk allowed vlan add 10,20,30,40
exit
!
interface ethernet 1/g24
switchport mode trunk
switchport trunk allowed vlan add 10,20,30,40
exit
exit
eric117
29 Posts
0
October 18th, 2012 09:00
I did a test to see if I could figure out where the problem lies. On the 6224 I setup one port for each VLAN. I then plugged my three laptops into these ports and sure enough I was able to get DHCP.
So, it appears that the problem lies in the connection between the 6224 and the 2724. I have tried both Trunk and General settings on the 6224 and all have failed. Any ideas why the connections between these switches would not work?
Thanks.