- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Re: help with Vlans to separate networks
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2013 01:55 PM
тАО01-22-2013 01:55 PM
help with Vlans to separate networks
i have a client who is using a 3com 4500g switch. they are subletting space to another tenant. i need to isolate the traffic of the subtenant but still provide them internet access as well as DHCP and DNS. right now i have 1 window server small business server running AD, DHCP and DNS on it in port 24. they have a comcast business class circuit with an gateway address of 10.1.10.1 plugged into port 1.
i have the following vlans setup:
vlan1: 1/0/1-1/0/15, 1/0/19-1/0/39, 1/0/43-1/0/52
vlan2: empty
vlan10: 1/0/1, 1/0/16-1/0/18, 1/0/40-1/0/42
vlan1 interface: 10.1.10.2/24
vlan2 interface: empty
vlan10 interface: 192.168.50.2/24
AD/DHCP/DNS server: 10.1.10.10
dhcp scopes:
10.1.10.100-199/24 (original tenant)
192.168.50.50-100/24 (sub-let tenant)
i have enabled DHCP service on the switch
DHCP-SERVER 1 ip 10.1.10.10
interface vlan 10 1
dhcp-server 1
i am unable to get an ip address from the dhcp server on vlan 10. it just times out. if i manually enter an ip address in to my nic properties i still cant get out to the internet. clearly am missing some things. i'm pretty new to vlans so any help would be much appreciated. this is only one switch that i am working with.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2013 03:11 PM
тАО01-22-2013 03:11 PM
Re: help with Vlans to separate networks
not sure for these switches, but the current comware switches require the admin to start the dhcp process at the global level, even for dhcp relay functions:
dhcp enable
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2013 03:37 PM
тАО01-22-2013 03:37 PM
Re: help with Vlans to separate networks
i did a dhcp enable already too.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-26-2013 04:13 AM
тАО01-26-2013 04:13 AM
Re: help with Vlans to separate networks
ok, there is probably nothing wrong with the switch config, but a missing route on the dhcp server.
A dhcp server can only offer leases for an IP subnet which it reach through the routing table.
If the server is configured to use the 10.1.10.1 comcast router as default gateway, so if it received the dhcp discover from the relay agent with ip 192.x.x.x, it will send the dhcp offer to the comcast gateway. The switch does not even get the offer (it passes the switch at L2, but it does not reach the L3 routed interface at the switch)
2 solutions:
1/ set the DG of the server to the switch + configure a default route on the switch to the comcast.
This will ensure that initially the switch is DG, so the offer would reach the L3 interface of the switch
2/ add a specific route on the windows host for the 192.x.x.x subnet, which points to the switch L3 address:
route add 192.x.x.x mask 255.255.255.0 10.1.10.2 -p
Best regards,Peter