Unsolved
This post is more than 5 years old
36 Posts
0
155426
PC 6248P Ip helper-address dhcp
I am working on getting a vlan setup for our new shoretel phones. I have 2 PC 6248p stacked. The first unit is primarily used for desktops servers and our wireless APs. The APs are on a vlan (1001 - which is bound to 192.168.3.0/24) but all the other ports are Access and are set to vlan 1 untagged (vlan 1 is the default vlan). Our DHCP server is on 192.168.1.0/24 which is the subnet for the default vlan and has a scope setup for this subnet. It also has a scope set for 10.1.6.0/24 which is the subnet for vlan 200 Unit 2 of the stack has most of its ports set to general mode pvid 200. Vlan 200 interface is set to 10.1.6.1 and VLAN 200 is bound to 10.1.6.0/24 I have DHCP relay enabled globaly and VLAN 200 set for IP helper-address 192.168.1.185 which is my DHCP server. I have tried having my switches in routing mode and with "no ip routing" either way, when devices are plugged into ports with Switchport general pvid 200 the dhcp server is unavailable. When plugged into a port set as untagged then DHCP is available and the device gets a 192.168.1.0/24 address. I need devices plugged into the ports tagged vlan 200 to get assigned address via DHCP in the 10.1.6.0/24 subnet. What am I missing?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 16th, 2014 14:00
So
console(config-if)# switchport mode access
console(config-if)# switchport access vlan 200
Works fine
console(config-if)# switchport mode general
console(config-if)# switchport general allowed vlan add 200 tagged
Does not work?
Is the device being plugged into the general port sending tagged frames?
fzilz
36 Posts
0
May 16th, 2014 16:00
neither access mode vlan 200 nor general mode allowed vlan add 200 tagged work
The device is not sending tagged frames. (the device will learn of its vlan id from dhcp option 156).
note: if I remove the port from vlan 200 then the device receives ip address from dhcp for the default subnet as expected.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 19th, 2014 11:00
I know it is a lot to post up, but could you post up your running config? We can look through it and see if there is anything that may need to be added or changed.
Thanks
fzilz
36 Posts
0
May 19th, 2014 11:00
Below is my running config as of this morning. 2/g34 is the port, I have my phone plugged into. I don't really need Vlan 101 or 1001 on that port and I will remove those, I added that in attempt to try and understand what is going on.
Another item, that may help. I have a lag setup in general mode from ports 1/g45 and 1/g46 to a dell N3000 switch; I disconnected it and connected a single port in access mode to the switch, because, when using the lag, desktops could not get dhcp, once they had an ip address in the default vlan 1 /subnet 192.168.1.0/24 they could access everything, but if they lost their lease on an ip address, they would not be able to contact dhcp. using the port in access mode they access dhcp with out an issue.
I look forward to your help.
running-config
!Current Configuration:
!System Description "PowerConnect 6248P, 3.3.5.5, VxWorks 6.5"
!System Software Version 3.3.5.5
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 101,200,1001
vlan routing 1001 1
vlan routing 200 2
vlan association subnet 10.1.5.0 255.255.255.0 101
vlan association subnet 10.1.6.0 255.255.255.0 200
vlan association subnet 192.168.1.0 255.255.255.0 1
vlan association subnet 192.168.3.0 255.255.255.0 1001
exit
sntp unicast client enable
sntp server 216.27.190.202 priority 2
sntp server 132.239.254.49
clock summer-time recurring USA zone "PDT"
clock timezone -8 minutes 0 zone "PST"
stack
member 1 5
member 2 5
exit
ip address 192.168.1.221 255.255.255.0
ip default-gateway 192.168.1.225
ip domain-name ihni.interhealthusa.net
ip routing
interface vlan 101
name "iSCSI"
exit
interface vlan 200
name "Shoretel"
routing
ip address 10.1.6.1 255.255.255.0
bandwidth 10000
ip helper-address 192.168.1.185
ip mtu 1500
exit
interface vlan 1001
name "WLAN-IHNI"
routing
ip address 192.168.3.1 255.255.255.0
no ip proxy-arp
exit
username "admin" password d9dbeb7e3df24d01aab2111605126b12 level 15 encrypted
aaa authentication login "defaultList" line
line ssh
password d9dbeb7e3df24d01aab2111605126b12 encrypted
exit
dhcp l2relay
dhcp l2relay vlan 200
power inline legacy
!
interface ethernet 1/g41
negotiation 10h
switchport mode general
switchport general allowed vlan add 1001 tagged
power inline priority high
exit
!
interface ethernet 1/g42
negotiation 10h
switchport mode general
switchport general allowed vlan add 1001 tagged
power inline priority high
exit
!
interface ethernet 1/g43
switchport mode general
switchport general allowed vlan add 1001 tagged
exit
!
interface ethernet 1/g44
negotiation 10h
switchport mode general
switchport general allowed vlan add 1001 tagged
exit
!
interface ethernet 1/g45
channel-group 1 mode on
switchport mode general
exit
!
interface ethernet 1/g46
channel-group 1 mode on
switchport mode general
exit
!
interface ethernet 1/g47
channel-group 4 mode auto
exit
!
interface ethernet 1/g48
channel-group 4 mode auto
exit
!
interface ethernet 2/g1
dhcp l2relay
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 200 tagged
voice vlan 200
voice vlan auth disable
exit
!
interface ethernet 2/g2
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
voice vlan 200
exit
!
interface ethernet 2/g3
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g4
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g5
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g6
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g7
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g8
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g9
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g10
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g11
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g12
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g13
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g14
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g15
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g16
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g17
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g18
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g19
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g20
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g21
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g22
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g23
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g24
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
voice vlan 200
voice vlan auth disable
exit
!
interface ethernet 2/g25
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g26
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g27
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g28
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g29
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g30
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g31
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g32
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g33
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g34
dhcp l2relay
spanning-tree cost 20000
spanning-tree portfast
spanning-tree mst 0 external-cost 20000
switchport mode general
switchport general allowed vlan add 101,200,1001 tagged
voice vlan 200
exit
!
interface ethernet 2/g35
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general ingress-filtering disable
switchport general allowed vlan add 200 tagged
voice vlan 200
exit
!
interface ethernet 2/g36
dhcp l2relay
spanning-tree portfast
switchport mode general
switchport general ingress-filtering disable
switchport general allowed vlan add 200 tagged
voice vlan 200
voice vlan auth disable
exit
!
interface ethernet 2/g37
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
voice vlan 200
exit
!
interface ethernet 2/g38
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
voice vlan 200
exit
!
interface ethernet 2/g39
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g40
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g41
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g42
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g43
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g44
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g45
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g46
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g47
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 200 tagged
exit
!
interface ethernet 2/g48
channel-group 1 mode auto
switchport mode general
exit
!
interface port-channel 1
dhcp l2relay
description 'trunk to n3000'
switchport mode general
exit
!
interface port-channel 4
description 'trunk to 5324 - 214'
switchport mode general
exit
snmp-server community IH_Commun rw
snmp-server community healthy rw ipaddress 192.168.1.233
enable password d9dbeb7e3df24d01aab2111605126b12 encrypted
exit
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 19th, 2014 13:00
Thanks for the config that helps out. Looking through it here is what I have noticed and think may be the issue. With the 6200 switches, they are not able to route their own management VLAN. Which by default is VLAN 1. I think this could be playing a factor, since the DHCP server is not receiving the requests from other VLANs.
There are a couple scenarios we can test with.
console > enable
console# configure
console(config)#ip address vlan 99
console(config)#ip address 10.1.99.1 255.25.255.0
console(config)#interface vlan 1
console(config-if)#ip address 192.168.1.221 255.255.255.0
console> enable
console# config
console(config)# vlan database
console(config-vlan)# vlan 10
console(config-vlan)# exit
console(config)# interface vlan 10
console(config)#ip address 10.1.10.1 255.25.255.0
console(config-if)# name DHCP
console(config-if)# end
You would then need to change the rest of the IP scheme and PVID/access ports.
Side note, the latest firmware is 3.3.10.3. Having that up to date could help out with general operability.
http://www.dell.com/support/home/us/en/04/product-support/product/powerconnect-6248/drivers
fzilz
36 Posts
0
May 19th, 2014 17:00
Yes you are correct that I am using vlan1 as the management vlan. I understood that the 6200 series could route vlan1 but I am willing to try moving the management vlan to a new vlan. If I do move to a new vlan. what is the best way for my computer which is on vlan1 to be able to log into the web ui or telnet in. Do I have to configure the port that my computer connects to differently than the other ports i.e. general and allow 99 and 1? Does vlan 99 need a new subnet?
Sorry for all the newb questions, but I have normally managed my switches on the default vlan and subnet, but I have also normally not set my switches with routing enabled. I look forward to your advice.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 20th, 2014 05:00
when the 6248 is in l3/routing mode you can access the CLI/GUI from any IP address assigned to a VLAN. So you can still use the IP address assigned to VLAN 1.
fzilz
36 Posts
0
May 20th, 2014 09:00
Ok, that's good news. It raises the question, what's the point of a management vlan if you can manage the switch from any vlan?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 20th, 2014 09:00
On the 6200 switches the Management VLAN is designed to be treated similar to the way an OOB port would be treated.
fzilz
36 Posts
0
May 20th, 2014 10:00
So, I should be able to issue the command to change the management VLAN to a new VLAN and it should not affect anything, other than allowing the switch to route vlan1. I probably need to add a default route first as I don't have that in the route table as the switch stack was originally not in routing mode and with vlan 1 being the default it was not needed. Since all of my VLAN 1 ports are currently in Access mode, none of VLAN 1 should be tagged.
Thank you for your assistance. I will try to make this change and see what chaos I can cause.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 20th, 2014 11:00
There will be a brief period of disruption while you change the management VLAN to another VLAN and assign an IP address to VLAN 1.
A static route will help direct traffic out of your network.
Example:
console(config)# ip route 0.0.0.0 0.0.0.0 10.0.0.2
fzilz
36 Posts
0
June 2nd, 2014 14:00
Update: I changed my lan for running on the default vlan 1 to vlan 10. So now vlan 10 is my desktop and server vlan and has one private subnet. Vlan 200 is for my phone system and is on a different subnet. My DHCP is now on Vlan 10. I have vlan 200 as well as the individual ports set with DHCP relay enabled and I have the ip helper-address set for dhcp. But I am still not getting DHCP
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
June 2nd, 2014 14:00
Are devices on VLAN 10 and VLAN 200 able to ping each other right now? Need to make sure VLAN routing is working and devices on VLAN 200 can ping the DHCP server on VLAN 10.