DHCP Problems across Cisco VLAN's

  • Thread starter Thread starter Travis
  • Start date Start date
T

Travis

DHCP Setup:

I have one DHCP Server residing in VLAN 90 that has a
superscope and 13 scopes inside of the superscope. My
scopes are as follows:

Vlan 5 Scope 10.9.5.0 255.255.255.128 DHCP range 20-126
Vlan 6 Scope 10.9.5.128 255.255.255.128 DHCP range 150-254
Vlan 7 Scope 10.9.6.0 255.255.255.192 DHCP range 10-62
Vlan 9 Scope 10.9.9.0 255.255.255.0 DHCP range 20-254

And so on and so forth.

The Facts:

I have every gateway configured as a DHCP relay through
the use of an IP Helper on the Cisco gear. Every Mac
computer works flawlessly and about half of the PC's work
as well no matter what VLAN they belong to. All of the
PC's are running Windows 2000 SP4 and have identicle
hardware.

The half that are not working properly occassionaly
recieve a lease from the wrong scope (probably an address
it had before the VLAN's were implemented, a guess). More
often they get an automatic address, and a release/renew
gives an error that DHCP is not reachable. This also
happens when I place the offending PC in the same VLAN as
the DHCP server. If I take my laptop (Win2k SP4) and plug
it into the same port it obtains a lease flawlessly.

What I have tried:

I have updated the NIC drivers to the latest version. I
have tried the PC on multiple VLAN's without any luck. I
have removed and reinstalled both the NIC and TCP/IP. If I
give the PC a static address it works fine and I can ping
the DHCP server. I have deleted the old lease from the
wrong scope.

Any help would be greatly appreciated.

Travis
 
what type of router do you have as your gateways?
The helper address as each gateway sounds suspect.
you should only have to put one helper address for the entire router and
put in the IP address of the dhcp server as your helper address.
have you ensured your trunk ports on your switches are setup up
correctly?
What vlans are your switches residing in?
what is residing in vlan1?
give some more info
 
<<what type of router do you have as your gateways?>>

The Router in use is actually a Cisco 4506 series Catalyst
Multi-layer Switch.

<<The helper address as each gateway sounds suspect.
you should only have to put one helper address for the
entire router and put in the IP address of the dhcp server
as your helper address.>>

On a multi-layer switch the ip helper belongs on each VLAN
interface. See the following article:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_te
ch_note09186a00800f0804.shtml#scenarios

"have you ensured your trunk ports on your switches are
setup up correctly?"

All switch-to-switch links are hard coded as 802.1q
trunks, and show an interface status of "up and up". As
mentioned previously, some 800 Machintosh PC's (OS 8.6-
10.0)on any given VLAN connected to any given switch (out
of 78 switches)obtain a valid IP address from the correct
scope and are able to browse the network and the Internet.
Of some 1000 PC's running Win2k about 50% of them work
flawlessly and the other half does what I have described,
with no regard to what VLAN they belong to, or what switch
they are plugged into. If I assign static address' they
work fine. This tells me that my trunk links are
performing adequately.

"What vlans are your switches residing in?
what is residing in vlan1?"

All of the switches, and nothing else, reside in VLAN 1.
From a working PC I can telnet, or use a browser to manage
any one of them, without a problem.

I hope this answers your questions,

Travis
 
Hi Travis,

If I understand your network correctly, you do NOT want to use superscopes.
Since you are segmenting your LAN into multiple virtual LANs you want each
VLAN to get an IP address from a designated scope. A superscope takes
multiple subnet scopes and combines then into a "super" scope to server
multiple subnets on a single physical network.

Break the superscope and your clients should all work. If not there may be
a config problem with IP helper.


From 186341 Superscoping vs. Supernetting
http://support.microsoft.com/?id=186341

"DHCP Superscoping is used when you need to assign non-supernetted or
non-consecutive IP address subnets to the same physical segment. For
example, if you needed to assign 199.1.1.x and 201.2.2.x addresses to the
same physical network, you could use superscopes or if you needed to assign
199.1.0.x and 199.1.1.x and did not want to change the subnet mask to
support supernetting."


Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Thanks Marc. Once I removed all of the scopes from the
superscope everything started working properly.

Travis
 
If you are using relays, then you do not need the Superscope.
Delete the superscope, and your configuration should work fine.

-Chris

--
==============================
Chris Edson
(e-mail address removed)

This posting is provided "AS IS" with
no warranties, and confers no rights.
==============================
Tech Chat: Secure wireless authentication using IAS, PEAP, and EAP.
September 25th, 10:00 AM PST
Chat with members of the RADIUS and authentication team about PEAP and EAP,
secure authentication, and secure wireless environments. Suggest new
features that you would like to see included in Microsoft's RADIUS server:
IAS.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itcommunity/chats/Default.asp
==============================
 
Back
Top