HPE Community
Switches, Hubs, and Modems
1753419 Members
4759 Online
108793 Solutions
New Discussion юеВ

2610-pwr

 
SOLVED
Go to solution
M.Aanstoot
Occasional Contributor

тАО03-16-2009 06:01 AM

тАО03-16-2009 06:01 AM

2610-pwr

Hello,

we are playing with Hp procurve 2610 with data and VOIP vlan's.
We have a dhcp server which handels both VLAN DHCP requests. Initially the phone gets a DHCP IP address from the DATA LAN. Becauce is sends some option to the DHCP server the DHCP server knows the phone must go to the voice VLAN. The phone releases it's Data Lan IP address and does another dhcp request in the Voice VLAN scope. This works when the switch is setup with clients ports on the switch tagged for VOICE Vlan and untagged for DATAVLAN. No problems so far, what we don't understand is why the DHCP server port on the switch must be configured with Data VLAn as Untagged and Voice Vlan as NO. When the VOICE Vlan tagging is different from NO then the phone can't get an IP address in the VOICE Vlan. Can anybody explain why the DHCP server must have tagging NO for Voice Vlan ?

Thanks in advance !

regards,

Mike
0 Kudos
8 REPLIES 8
Matt Hobbs
Honored Contributor

тАО03-16-2009 06:52 AM

тАО03-16-2009 06:52 AM

Re: 2610-pwr

Do you have the IP helper-address configured on the switch?

Is the server configured to be a member of both VLANs through it's NIC driver?

I would usually do a packet capture to try and understand what's happening here. But, since you've already figured out your workaround I wouldn't spend too much time worrying about it. In fact, your solution is a better anyway than doing it the other way.

0 Kudos
M.Aanstoot
Occasional Contributor

тАО03-16-2009 07:04 AM

тАО03-16-2009 07:04 AM

Re: 2610-pwr

Hi Matt,

thanks for your reply. I have configured the DHCP helper address. It all works fine and we are happy with it, it is just I try understand why the VOICE VLAN tagging must be configured with no for the dhcp server port. I have looked with wireshark at what happens when the port is not NO and we can see that the phone doesn't receive the offer from the dhcp server. The phone already has released it's initial IP address and after a while it does a new DHCP broadcast in the DATA Vlan. When the dhcp server is tagged with NO then all goes well.
It's no real pain I just would like to understand the tagging better.

regards,

Mike
0 Kudos
Pieter 't Hart
Honored Contributor

тАО03-17-2009 12:05 AM

тАО03-17-2009 12:05 AM

Re: 2610-pwr

The DHCP-server is configured only in the data-vlan. In this case it does not recognize vlan-tagged packets.
vlan-tagged packets have a different header than untagged packets, so packet are discarded because of unrecognized header.
In your configuration the switch removes the vlan-tag from the packet before it's sent to the DHCP-server even for packets comming from the voice vlan.
As dhcp-requests are broadcast it apearently works eventhough data is from different subnets and from different vlans.
But it's not the right way to do it.

You must understand subnets and vlans are commonly mapped one-to-one, but are two very different things. If you picture the vlan's as physically separate networks it may become more clear what can/can't.

You should use routing and a ip-helper from voice-vlan to data-vlan, this results in the dhcp-packets from voice-vlan being "routed" to the data-vlan and the dhcp-server receives only packets untagged in the data-vlan but knows it has to return the data to the voice subnet through the router.

alternatively you may consider configuring your NIC in the dhcp-server to recognize vlan-tagged packets (its someware in the NIC-driver for broadcom-nics look for BACS utility) effectively creating a second (virtual) nic. So the dhcp-server has one interface in each vlan (one tagged/one untagged, or both tagged).
0 Kudos
M.Aanstoot
Occasional Contributor

тАО03-17-2009 12:13 AM

тАО03-17-2009 12:13 AM

Re: 2610-pwr

Hi Pieter,

thanks for your reply. Find attached a config file of a switch with VOICE and DATA. Can you point out where my configuration is wrong? I have routing enabled on the switch and also the IP helper address is configured.

Thanks again.

regards,

Mike
0 Kudos
Pieter 't Hart
Honored Contributor

тАО03-17-2009 12:25 AM

тАО03-17-2009 12:25 AM

Re: 2610-pwr

hello Mike,
>>>
ip default-gateway 192.168.60.200
ip routing
<<<
because of statement "ip routing",
the statement "ip default-gateway 192.168.60.200" is ignored.
use "ip route 0.0.0.0 0.0.0.0 192.168.60.200" instead.

>>>
vlan 100
name "DATAVLAN"
untagged 1-20,25-26
ip address 192.168.60.75 255.255.255.0
ip helper-address 192.168.60.1
ip helper-address 172.20.1.166
<<<
"ip helper-address 192.168.60.1" is within the same subnet as vlan100 and therefore has no function and can be removed.

question : now what is the dhcp-server 192.168.60.1 or 172.20.1.166?
172.20.1.166 seems to be behind another router (192.168.60.200), so check if this knows a route back.


Pieter
0 Kudos
M.Aanstoot
Occasional Contributor

тАО03-17-2009 12:50 AM

тАО03-17-2009 12:50 AM

Re: 2610-pwr

Hi Pieter,

we have 2 dhcp servers, one on the location and one central dhcp server with split scopes. The idea is that when the local dhcp server is unavailable for some reason the clients (phones and stations can still get an IP address from the central dhcp server.

dhcp relay is enabled also on the router. We have tested this and it works fine.

So do I understand correctly that if IP route is set to 0.0.0.0 all traffic knows it's way to the router and from there will be rerouted to it's specific VLAN ? The tagging for the dhcp server can then be untagged for data and tagged for voice ? I will test it anyway. Thanks again for your help in this.

regards,

Mike
0 Kudos
Pieter 't Hart
Honored Contributor

тАО03-17-2009 02:59 AM

тАО03-17-2009 02:59 AM

Solution

Re: 2610-pwr

No the voice-vlan must not be sent to the (local) DHP-server port.
This port must only be untagged in the data vlan. The dhcp server does not recognize the vlan-tag!

The switch (in fact the router process in the switch) intercepts dhcp-requests comming from the voice vlan, forwards this using the ip-helper adress(es) to the data subnet/vlan and uses it's interface adress (192.168.60.75) in the data subnet/vlan to send the packets untagged to the dhcpserver.
The dhcpserver responds to this request, sending an offer back to the router (192.168.60.75) wich sends it out to the voice vlan using adress 172.28.60.250
M.Aanstoot
Occasional Contributor

тАО03-17-2009 03:24 AM

тАО03-17-2009 03:24 AM

Re: 2610-pwr

Pieter,

got you now, clear answer. Thanks and regards,

Mike
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.