.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "Hand Job, Blow Job, Job Search, Monster Job"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
DHCP is not working 3560G
DHCP is not working because the end station starts out without an address, and will use a source of 0.0.0.0 to a destination of 255.255.255.255 to try and get an address. This traffic is being blocked by your access list.
Try adding a “deny ip any any log” at the end of your access list and see what traffic is blocked when the DHCP request comes in.
Or, you could look up what a DHCP request looks like.
http://technet.microsoft.com/en-us/library/bb727003(TechNet.10).aspx#EHAA
Marvin Greenlee, CCIE #12237 (R&S, SP, Sec) Senior Technical Instructor - IPexpert, Inc. Telephone: +1.810.326.1444 Fax: +1.810.454.0130 Mailto: mgreenlee@ipexpert.com
Progress or excuses, which one are you making?
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of omar parihuana Sent: Saturday, July 12, 2008 1:06 PM To: Cisco certification Subject: DHCP is not working 3560G
Hi Group,
I’ve configured a Switch 3560G with 3 SVIs in order to VLAN Routing:
! interface Vlan10 description VLAN 10 ip address 10.53.0.253 255.255.255.0 ! interface Vlan20 description VLAN 20 ip address 10.53.5.1 255.255.255.0 ! interface Vlan30 description VLAN 30 ip address 10.53.8.1 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 10.53.0.1 !
After I’ve configured a DHCP Pool in order to assign IP address only to VLAN 30, the conf is:
! ! ip dhcp excluded-address 10.53.8.1 10.53.8.199 ip dhcp pool DCHP network 10.53.8.0 255.255.255.0 default-router 10.53.8.1 dns-server 200.41.96.24 200.41.96.26 !
After that host in vlan 30 are assigned an IP Address correctly and the intervlan routing working fine, but as I need that VLAN 30 only reach to external networks (Internet) and not to other networks (VLAN 10 and VLAN20) I’ve created an Access-list ! ip access-list extended BLOCKING-VLAN permit ip 10.53.8.0 0.0.0.255 host 10.53.0.1 deny ip 10.53.8.0 0.0.0.255 10.53.0.0 0.0.0.255 log deny ip 10.53.8.0 0.0.0.255 10.53.5.0 0.0.0.255 log permit ip 10.53.8.0 0.0.0.255 any !
! interface Vlan30 description VLAN 30 ip address 10.53.8.1 255.255.255.0 ip access-group BLOCKING-VLAN in !
The first sentence in ACL is necessary to reach the default gateway in VLAN10 (see default route above). Apparently all is working well the host in VLAN 30 don’t reach to Servers in VLAN 10 and VLAN20, but DHCP IS NOT WORKING! no assign IP address to hosts. After of check the debugs, I noticed that when the access-list is applied to Int VLAN30 the Switch is not aware about DHCP request. DHCPD: DHCPDISCOVER is never received by Switch. But when I removed the access-list then DHCP working well, then how should I configure the access-list in order to allow DHCP in VLAN30 and the hosts in VLAN30 don’t communicate the others VLANs? or maybe change the DHCP Configuration but how?
Rgds.
– Omar E.P.T —————– Certified Networking Professionals make better Connections!
