HPE Community
Switches, Hubs, and Modems
1753894 Members
7503 Online
108809 Solutions
New Discussion юеВ

Re: 2810-G24 and VLAN setup for DHCP

 
Switches_1
Occasional Advisor

тАО05-27-2009 03:34 PM

тАО05-27-2009 03:34 PM

2810-G24 and VLAN setup for DHCP

I know this switch is layer-2, my firewall (192.168.20.1)is layer-3. The DHCP server is 192.168.20.2, the firewall is using DHCP-HELPER to forward requests to 192.168.20.2

The firewall has a interface of 192.168.20.1 eth0/0 VLAN-1 default, it also has a sub interface of 192.168.21.1 eth0/0.1 VLAN-21

I have the DHCP server on port 8
I have the firewall on port 1
I have a desktop trying to get a .21.x IP on port 22.

Tried several times to make port 1 untagged with vlan-1 & 21. each time, it appears to remove vlan-1 completely from the port.

How can I make a port untagged and a member of two vlans. I am sure it would work for tagged and two vlans just fine, but my equipment does not support tagging. Or is this just nothing to worry about , being tagged.

0 Kudos
6 REPLIES 6
EckerA
Respected Contributor

тАО05-27-2009 09:17 PM

тАО05-27-2009 09:17 PM

Re: 2810-G24 and VLAN setup for DHCP

Hi,
it isn't possible to have a port untagged in two vlans.
you can enable ip routing on your switch and leave the port to the fw as untagged in vlan 1 and add a route at the switch:
ip route 0.0.0.0 0.0.0.0 192.168.20.1
and you need to add a route to your fw:
ip route 192.168.21.0 255.255.255.0
then add the dhcp helper to vlan 21 on the switch:
ip helper-address 192.168.20.2

for this to work you need an ip address on each vlan of the switch!!
hth
alex
0 Kudos
Switches_1
Occasional Advisor

тАО05-28-2009 03:46 AM

тАО05-28-2009 03:46 AM

Re: 2810-G24 and VLAN setup for DHCP

Alex,

thanks, but the switch does not support ip helper, I sure wish it did.

I found out, that for a given port, I can have 1 untagged, and the rest must be tagged.
0 Kudos
cenk sasmaztin
Honored Contributor

тАО05-29-2009 01:08 AM

тАО05-29-2009 01:08 AM

Re: 2810-G24 and VLAN setup for DHCP

2810 switch L2 switch unable routing between vlan or other site

there fore do not use ip helper option

2810 switch don't use dhcp address other vlan

my advice your dhcp server must have router
your router L3 routing device routing between vlan's and vlan's other site
and this device serve dhcp server

example router config**********************
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.0.10.1 255.255.255.0
!
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address 10.0.11.1 255.255.255.0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
!
!
ip dhcp pool forvlan1
network 10.0.10.0 255.255.255.0
default-router 10.0.10.1
ip dhcp pool forvlan2
network 10.0.11.0 255.255.255.0
default-router 10.0.11.1

for example switch config****************
your switch only L2 device vlan 1 ip address
only management your switch
and connect on interface 23 your router

vlan 1
name "DEFAULT_VLAN"
untagged 1-9,21-26
ip address 192.168.1.1 255.255.255.0
no untagged 10-20
exit
vlan 2
name "VLAN2"
untagged 10-20
tagged 23
exit




cenk

0 Kudos
Switches_1
Occasional Advisor

тАО05-29-2009 04:41 AM

тАО05-29-2009 04:41 AM

Re: 2810-G24 and VLAN setup for DHCP

cenk,

thanks, let me try to share what I have in place. It is simple for now, a layer-3 router, a layer-2 switch and a laptop and dhcp server

I am concerned the dhcp request is not passing from port 22 to port 1, when the laptop requests a dhcp. I used wireshark to watch the action. This could be because of tagging. If I leave the default vlan-1 untagged through out, then make VLAN-21 tagged through out, this should work.
******************************
* Router Config 192.168.20.1 *
******************************

set interface "ethernet0/0" zone "Trust"
set interface "ethernet0/0.1" tag 21 zone "Trust"
set interface "ethernet0/1" zone "DMZ"
set interface "ethernet0/2" zone "Untrust"
set interface ethernet0/0 ip 192.168.20.1/24
set interface ethernet0/0 nat
unset interface vlan1 ip
set interface ethernet0/0.1 ip 192.168.21.1/24
set interface ethernet0/0.1 nat
set interface ethernet0/1 ip 192.168.10.1/24
set interface ethernet0/1 nat
set interface ethernet0/2 ip 216.199.xxx.xxx/29
set interface ethernet0/2 route
set interface ethernet0/2 gateway 216.199.xxx.xxx
.
.
.
set interface ethernet0/0.1 dhcp relay server-name "192.168.20.3"
set interface ethernet0/0.1 dhcp relay service

*****************
* Switch Config *
*****************
REMARK Port-1 goes to 192.168.20.1 layer-3 router.
REMARK Port-9 goes to 192.168.20.3 DHCP server - 2 scopes in DHCP
REMARK Port-22 goes to a laptop on VLAN-21


Running configuration:

; J9021A Configuration Editor; Created on release #N.11.06

hostname "ProCurve Switch 2810-24G"
snmp-server contact ""
snmp-server location ""
mirror-port 18
web-management ssl
ip default-gateway 192.168.20.1
snmp-server community "public" Unrestricted
snmp-server host 192.168.20.29 "public"
snmp-server host 192.168.20.9 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-21,23-24
ip address 192.168.20.40 255.255.255.0
no untagged 22
ip igmp
exit
vlan 21
name "Engineering"
ip igmp
exit
vlan 21
name "Engineering"
untagged 22
no ip address
tagged 1,18
exit
interface 9
monitor
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
password manager
password operator


0 Kudos
Switches_1
Occasional Advisor

тАО05-29-2009 06:42 AM

тАО05-29-2009 06:42 AM

Re: 2810-G24 and VLAN setup for DHCP

I have the sniffer on the DHCP server, it is getting DHCP discover, but no offer is sent out.
0 Kudos
Switches_1
Occasional Advisor

тАО06-10-2009 09:09 AM

тАО06-10-2009 09:09 AM

Re: 2810-G24 and VLAN setup for DHCP

FIXED, needed to set the interface on the router to routed mode.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.