
Re: help with Vlans to separate networks

 
baurc
Occasional Visitor

help with Vlans to separate networks

I have a client who is using a 3Com 4500G switch. They are subletting space to another tenant. I need to isolate the traffic of the subtenant but still provide them internet access as well as DHCP and DNS. Right now I have 1 Windows Small Business Server running AD, DHCP and DNS on it in port 24. They have a Comcast business class circuit with a gateway address of 10.1.10.1 plugged into port 1.

 

 

I have the following VLANs set up:

vlan1: 1/0/1-1/0/15, 1/0/19-1/0/39, 1/0/43-1/0/52

vlan2: empty

vlan10: 1/0/1, 1/0/16-1/0/18, 1/0/40-1/0/42

 

vlan1 interface: 10.1.10.2/24

vlan2 interface: empty

vlan10 interface:  192.168.50.2/24

 

AD/DHCP/DNS server: 10.1.10.10

 

DHCP scopes:

10.1.10.100-199/24 (original tenant)

 

192.168.50.50-100/24 (sub-let tenant)

 

I have enabled DHCP service on the switch:

DHCP-SERVER 1 ip 10.1.10.10

interface vlan 10 1

dhcp-server 1

 

I am unable to get an IP address from the DHCP server on VLAN 10. It just times out. If I manually enter an IP address into my NIC properties I still can't get out to the internet. Clearly I am missing some things. I'm pretty new to VLANs, so any help would be much appreciated. This is only one switch that I am working with.

Peter_Debruyne
Honored Contributor

Re: help with Vlans to separate networks

Not sure for these switches, but the current Comware switches require the admin to start the DHCP process at the global level, even for DHCP relay functions:

 

dhcp enable

 

baurc
Occasional Visitor

Re: help with Vlans to separate networks

I did a dhcp enable already too.

Peter_Debruyne
Honored Contributor

Re: help with Vlans to separate networks

OK, there is probably nothing wrong with the switch config, but a missing route on the DHCP server.

A DHCP server can only offer leases for an IP subnet which it can reach through the routing table.

 

If the server is configured to use the 10.1.10.1 Comcast router as default gateway, then when it receives the DHCP discover from the relay agent with IP 192.x.x.x, it will send the DHCP offer to the Comcast gateway. The switch does not even get the offer (it passes the switch at L2, but it does not reach the L3 routed interface at the switch).

 

2 solutions:

1/ Set the DG of the server to the switch + configure a default route on the switch to the Comcast.

This will ensure that initially the switch is DG, so the offer would reach the L3 interface of the switch.

2/ Add a specific route on the Windows host for the 192.x.x.x subnet, which points to the switch L3 address:

route add 192.x.x.x mask 255.255.255.0 10.1.10.2 -p

 

Best regards, Peter
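
The routing point made in the reply above, as an added example that is not part of the original thread: a longest-prefix-match model of the server's routing table, showing where a DHCP offer addressed to the relay address 192.168.50.2 is sent before and after each of the two fixes. The addresses come from the question; the route tables are constructed from them, and the function and constant names are hypothetical.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs.
    gateway None means on-link: the packet is delivered straight to dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        return None  # no matching route: the packet is dropped
    return best[1] if best[1] is not None else dst

# Addresses from the question; the tables themselves are constructed.
COMCAST, SWITCH_VLAN1, GIADDR = "10.1.10.1", "10.1.10.2", "192.168.50.2"

# Server (10.1.10.10) as originally set up: default gateway is the Comcast router.
SERVER_ORIGINAL = [("10.1.10.0/24", None), ("0.0.0.0/0", COMCAST)]
# Fix 1: the server's default gateway becomes the switch.
SERVER_FIX1 = [("10.1.10.0/24", None), ("0.0.0.0/0", SWITCH_VLAN1)]
# Fix 2: default gateway unchanged, plus a specific route for the tenant subnet.
SERVER_FIX2 = SERVER_ORIGINAL + [("192.168.50.0/24", SWITCH_VLAN1)]
# Switch table needed by fix 1: both VLAN interfaces on-link, default to Comcast.
SWITCH_FIX1 = [("10.1.10.0/24", None), ("192.168.50.0/24", None),
               ("0.0.0.0/0", COMCAST)]

def offer_reaches_relay(server_routes):
    """The server unicasts its reply to the relay address (giaddr); the relay
    only handles it if the server hands the packet to the switch's L3 interface."""
    return next_hop(server_routes, GIADDR) == SWITCH_VLAN1

if __name__ == "__main__":
    for name, table in [("original", SERVER_ORIGINAL),
                        ("fix 1", SERVER_FIX1), ("fix 2", SERVER_FIX2)]:
        print(f"{name:8} offer next hop = {next_hop(table, GIADDR)}, "
              f"reaches relay: {offer_reaches_relay(table)}")
    # 203.0.113.10 is a documentation address standing in for an internet host.
    print("switch (fix 1) internet next hop =",
          next_hop(SWITCH_FIX1, "203.0.113.10"))
```

With fix 2 the server's other traffic still leaves through 10.1.10.1; only the tenant subnet is sent to the switch.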