Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

DHCP and VLANs

GD Hansen
Occasional Visitor

DHCP and VLANs

I am configuring VLANs on a ProCurve 4208. I understand how to configure the basic VLANs and assign tagged ports to each. The topology is that each port will have traffic from both VLANs. How do I insure that the dhcp requests from clients that should be on VLAN 1 only go to the DHCP server that has a single interface on VLAN 1, and the DHCP requests from clients that should be on VLAN 2 only go to the DHCP server that has a single interface on VLAN 2?
6 REPLIES
OLARU Dan
Trusted Contributor

Re: DHCP and VLANs

You will need "DHCP snooping" option enabled on the switch, but I do not know if you can enable it on 4208.
Olaf Borowski
Respected Contributor

Re: DHCP and VLANs

Hi,
You need to configure DHCP-relay functionality on the VLANs. A host connected to an untagged port on a switch will send a broadcast packet (DHCP request). The switch will see this DHCP packet on that VLAN and change it to a unicast packet to the IP-helper address (DHCP-server). The DHCP-server will send a DHCP-offer to the switch which will send the packet to the host on the VLAN requesting it. This assumes, that the DHCP-server are on different subnets. If the DHCP servers reside on the same subnet (VLAN) as the clients, you don't have to do anything. The DHCP-request from the client will stay on the same VLAN (gets tagged on interconnect links)and the DHCP-server will receive the packet and send the offer to the client. For the first scenario, look at the documentation under "DHCP relay".
GD Hansen
Occasional Visitor

Re: DHCP and VLANs

In my scenario, I have a DHCP server on VLAN 1, the default VLAN. In our operation, all data will run across VLAN 1. So this DHCP server is supposed to reply to all DHCP requests from data clients that are also supposed to be exclusively on VLAN 1. VOIP is going across VLAN 2. So, if I understand you correctly, in a situation in which there are no DHCP helper statements on the switch for either VLAN, even though there is a data device (VLAN 1) and a telephone (VLAN 2) sharing a port that has been configured to support both VLANs (one tagged and one not tagged), the switch is going to know to which VLAN (and subnet) the request should be directed. How does it know this? The device requesting DHCP has no concept of on which VLAN it belongs, so it can't tell the switch to which DHCP server its request should be directed. Aren't VLANs a Layer 3 characteristic? Until a device has an IP address how can it possibly know to which VLAN it belongs?
Chris Stave
Advisor

Re: DHCP and VLANs

I'm assuming the phone traffic is the tagged traffic here.

The PC traffic will be going to the switch untagged, so the switch will put that untagged traffic into vlan 1. It will then do everything it needs to do to that traffic, including broadcasting broadcast traffic to where it needs to get, including DHCP requests going to the dhcp server on VLAN 1.

The phone traffic will be going to the switch encapsulated/tagged as vlan 2 traffic. The switch will then treat this tagged accordingly, and the broadcast traffic will go to any DHCP servers that are connected to VLAN 2.
Joel Belizario
Trusted Contributor

Re: DHCP and VLANs

No VLANs are not purely layer 3, they can be layer 2 only just by not defining an IP address for that VLAN.

When a VLAN is defined you are in effect creating a separate network and traffic can only be forwarded through the virtual router interface that is created when you assign a VLAN an IP address. The process on the Procurves is pretty simple, on some other switches you have to define this virtual interface before you can assign an IP address to it, and therefore the VLAN.

Also if you are implementing VOIP this way one of the devices (probably the PC) on each port would be untagged in your data VLAN unless your PCs have network cards that support 802.1Q tagging.
Joel Belizario
Trusted Contributor

Re: DHCP and VLANs

Just to clarify my last post further - when I mentioned forwarding traffic (routing through the virtual router interface) this is in the context of inter-VLAN or inter-network traffic.

Traffic inside the VLAN will still be switched between hosts as they are in the same broadcast domain.