Re: DHCP is not working 3560G

From: Jack Tsai (jacknew2005@gmail.com)
Date: Thu Aug 28 2008 - 12:14:13 ART

• Next message: David Prall: "RE: DHCP is not working 3560G"
• Previous message: Joseph Brunner: "RE: BPDU Filter on the interface vs. global"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

What about using "out" instead of "in" on the interface Vlan30?

Jack

omar parihuana wrote:
> Hi Group,
>
> I've configured a Switch 3560G with 3 SVIs in order to VLAN Routing:
>
> !
> interface Vlan10
> description VLAN 10
> ip address 10.53.0.253 255.255.255.0
> !
> interface Vlan20
> description VLAN 20
> ip address 10.53.5.1 255.255.255.0
> !
> interface Vlan30
> description VLAN 30
> ip address 10.53.8.1 255.255.255.0
> !
> ip route 0.0.0.0 0.0.0.0 10.53.0.1
> !
>
> After I've configured a DHCP Pool in order to assign IP address only to VLAN
> 30, the conf is:
>
> !
> !
> ip dhcp excluded-address 10.53.8.1 10.53.8.199
> ip dhcp pool DCHP
> network 10.53.8.0 255.255.255.0
> default-router 10.53.8.1
> dns-server 200.41.96.24 200.41.96.26
> !
>
> After that host in vlan 30 are assigned an IP Address correctly and the
> intervlan routing working fine, but as I need that VLAN 30 only reach to
> external networks (Internet) and not to other networks (VLAN 10 and VLAN20)
> I've created an Access-list
> !
> ip access-list extended BLOCKING-VLAN
> permit ip 10.53.8.0 0.0.0.255 host 10.53.0.1
> deny ip 10.53.8.0 0.0.0.255 10.53.0.0 0.0.0.255 log
> deny ip 10.53.8.0 0.0.0.255 10.53.5.0 0.0.0.255 log
> permit ip 10.53.8.0 0.0.0.255 any
> !
>
> !
> interface Vlan30
> description VLAN 30
> ip address 10.53.8.1 255.255.255.0
> ip access-group BLOCKING-VLAN in
> !
>
> The first sentence in ACL is necessary to reach the default gateway in
> VLAN10 (see default route above). Apparently all is working well the host in
> VLAN 30 don't reach to Servers in VLAN 10 and VLAN20, but DHCP IS NOT
> WORKING! no assign IP address to hosts. After of check the debugs, I noticed
> that when the access-list is applied to Int VLAN30 the Switch is not aware
> about DHCP request. DHCPD: DHCPDISCOVER is never received by Switch. But
> when I removed the access-list then DHCP working well, then how should I
> configure the access-list in order to allow DHCP in VLAN30 and the hosts in
> VLAN30 don't communicate the others VLANs? or maybe change the DHCP
> Configuration but how?
>
> Rgds.

Blogs and organic groups at http://www.ccie.net

• Next message: David Prall: "RE: DHCP is not working 3560G"
• Previous message: Joseph Brunner: "RE: BPDU Filter on the interface vs. global"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:32 ART