HPE Community
HPE Aruba Networking & ProVision-based
1819766 Members
3195 Online
109606 Solutions
New Discussion

VLANs, DHCP in a layer 2 network

 
Tony Barrett_2
Frequent Advisor

‎06-17-2014 09:13 AM

‎06-17-2014 09:13 AM

VLANs, DHCP in a layer 2 network

Hopefully this will make sense, but I'm not sure if what I need to do will work.

 

We have a non-HP wireless LAN connected to Procurve PoE switches. We use the untagged VLAN1 for all standard traffic, and this works fine. We have another company moving into part of the site who want to 'share' our wifi for convenience sake. They have their own equipment rack and servers (inc A/D, DNS and DHCP) also on untagged VLAN1. For wired clients, this won't be a problem, as their network is not physically connected to ours. For wireless clients, it's a different matter.

 

We need to make sure their wireless clients only get DHCP addresses from their DHCP servers, but we need to keep their wifi traffic seperate and isolated, so VLAN's are the obvious path. We can tag packets leaving the access points from their wifi clients (not a problem), and then control where the tagged packets go across our PoE switches by putting the same tag on those wired ports, but getting those DHCP packets to their DHCP server is not easy. I've tried the following;

 

Configuring a dedicated port on our PoE switch with the same VLAN tag as their wireless clients. This port then connects to their switch, so the uplink port on that switch is also tagged. All their broadcasts get to this port, but not to the DHCP server. I don't necessarily want to use routing either (overkill), but I've tried enabling DHCP-RELAY and using the IP-HELPER-ADDRESS for their DHCP server on the tagged VLAN, but still nothing. The wifi client connects to wifi, but just gets an APIPA address.

 

Is their any way to do this on a pure layer 2 setup? If I have to use routing, I'll consider it, but it's not ideal. I also don't have the luxury of being able to put their network on the same tagged VLAN as their wifi clients.

 

Essentially, the problem is tagged packets not reaching an untagged VLAN in a layer 2 environment.

 

Any advice appreciated.

0 Kudos
2 REPLIES 2
Tony Barrett_2
Frequent Advisor

‎06-18-2014 02:22 AM

‎06-18-2014 02:22 AM

Re: VLANs, DHCP in a layer 2 network

Ok, let's put it another way. If tagged packets are entering a switch port, can a procurve switch remove those tags automatically with a specific vlan configuration?
0 Kudos
Chrisd131313
Trusted Contributor

‎06-23-2014 02:54 AM

‎06-23-2014 02:54 AM

Re: VLANs, DHCP in a layer 2 network

Hi Tony,

 

You will need to have the same VLAN passed through to their DHCP server, so if at any point in the path its dropping from a tagged port to a untagged port the broadcast will never make it.

 

In my mind I would stick a routing device in between the two LANs and use that. There might well be another way of fixing this, but I have had some wireless/DHCP/VLAN issues in the past and it was down to a untagged VLAN 1 switch being in the path between the AP and the DHCP server.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.