EdgeSwitch - How to Set Up a VLAN-Aware DHCP Server

 Overview


This article describes the steps needed to set up a DHCP Server and create multiple scopes on an EdgeSwitch (ES). Each DHCP Scope will be assigned to a specific VLAN through the use of a routable VLAN-Interface.

 book_25x25.png  Notes & Requirements:

Applicable to EdgeSwitch 1.7.0 + firmware in all EdgeSwitch models. Knowledge of the Command Line Interface (CLI) and basic networking knowledge is required. Find a basic article on the subject in the Related Articles below.

 

Equipment used in this article:

- EdgeSwitch-8-150W (ES-8-150W)


Table of Contents


  1. Network Diagram
  2. Steps - VLANs and VLAN-Interfaces
  3. Steps - DHCP Scopes
  4. Steps - Testing & Verification
  5. Related Articles

Network Diagram


Back to Top

The network topology is shown below. The following interfaces are in use on the ES:

  1. Ethernet 1 (0/1) VLAN 10
  2. Ethernet 2 (0/2) VLAN 20
  3. VLAN10-Interface 192.168.10.1/24
  4. VLAN20-Interface 192.168.20.1/24


Steps - VLANs and VLAN-Interfaces


Back to Top

In this example the ES is running in the default configuration with the addition of SSH management access. The first step is to create the VLANs and associate them to specific ports (untagged). The instructions below contain both the GUI (Web-Management Portal) and CLI (Command Line Interface) configuration methods.

 

CLI_circle.png  (CLI Method) Access the switch’s CLI. You can do this using the console port or by using a SSH program such as PuTTY.

1. Enter privileged mode.

enable

2. Create the VLANs and VLAN-Interfaces (VLAN10 and VLAN20).

vlan database
vlan 10,20
vlan routing 10 1
vlan routing 20 2
exit
info_i_25x25.png Note: The format is vlan routing <vlan-id> <interface-id (1-15)>. The interface-id does not need to match the VLAN number and is used to separate the VLAN-Interfaces in the internal switch architecture.

3. Enter configuration mode.

configure

4. Assign the ports to the VLANs created above.

The configuration below assigns 0/1 to VLAN10 and 0/2 to VLAN20 using the pvid command (untagged port). Afterwards both VLAN1 (default) and the other VLAN are excluded from participating on the port.

interface 0/1
vlan pvid 10
vlan participation exclude 1,20
vlan participation include 10
exit

interface 0/2
vlan pvid 20
vlan participation exclude 1,10
vlan participation include 20
exit

5. Associate the VLAN interfaces with IP Addresses and enable IP Routing.

ip routing

interface vlan 10
ip address 192.168.10.1 255.255.255.0
routing           
exit

interface vlan 20
ip address 192.168.20.1 255.255.255.0
routing
exit

 

www.png  (GUI Alternative) Access the switch Web-Management Portal (GUI).

1. Create the VLANs (VLAN10 and VLAN20).

Basic > VLAN > VLAN Wizard > Add VLAN  

Enter 10,20 and select 'Add' 

2. Assign the ports to the VLANs created above using the wizard.

Port 0/1: Excluded (E) for VLAN1
Port 0/1: Untagged (U) for VLAN10
Port 0/1: Excluded (E) for VLAN20

Port 0/2: Excluded (E) for VLAN1
Port 0/2: Excluded (E) for VLAN10
Port 0/2: Untagged (U) for VLAN20 

3. Create the VLAN-Interfaces and enable IP Routing functionality.

Routing > IP> Configuration

Routing Mode: Enabled 

Routing > IP > Interface Configuration

Type: VLAN
VLAN: VLAN 10
Routing Mode: Enable
Admin Mode: Enable
IP Address Configuration Method: Manual
IP Address: 192.168.10.1
Subnet Mask: 255.255.255.0

Type: VLAN
VLAN: VLAN 20
Routing Mode: Enable
Admin Mode: Enable
IP Address Configuration Method: Manual
IP Address: 192.168.20.1
Subnet Mask: 255.255.255.0

Steps - DHCP Scopes


Back to Top

One of the fundamental rules of assigning DHCP leases is the presence of an interface in the same network range (subnet). In this article these interfaces are the VLAN-Interfaces created above. The DHCP scopes are linked to VLAN10 and VLAN20 because of the presence of these VLAN-Interfaces. If these interfaces are not configured, the switch does not know which pool to assign addresses from.

info_i_25x25.png Note: In this example the DHCP address range is 192.168.10.11-150 for VLAN10, and 192.168.20.11-150 for VLAN20. The lease time is 12 hours and the gateway is the switch itself on the relevant VLAN-Interface.

 

CLI_circle.png  (CLI Method) Access the switch’s CLI.

1. Enter configuration mode.

configure 

2. Create the DHCP scopes for the VLANs.

service dhcp

ip dhcp excluded-address 192.168.10.0 192.168.10.10
ip dhcp excluded-address 192.168.10.151 192.168.10.255

ip dhcp pool "VLAN10"
lease 0 12 0
dns-server 8.8.8.8 8.8.4.4
default-router 192.168.10.1
network 192.168.10.0 255.255.255.0
exit

ip dhcp excluded-address 192.168.20.0 192.168.20.10
ip dhcp excluded-address 192.168.20.151 192.168.20.255

ip dhcp pool "VLAN20"
lease 0 12 0
dns-server 8.8.8.8 8.8.4.4
default-router 192.168.20.1
network 192.168.20.0 255.255.255.0
exit

3. Exit to privileged mode.

exit

4. Save the configuration.

write memory

www.png  (GUI Alternative) Access the switch Web-Management Portal (GUI).

1. Create the DHCP scopes for the VLANs and enable DHCP globally.

 System > Advanced Configuration > DHCP Server > Global

Admin Mode: Enable

System > Advanced Configuration > DHCP Server > Pool Summary > Add Pool

Pool Name: VLAN10
Type of Binding: Dynamic
Network Base Address: 192.168.10.0
Network Mask: 255.255.255.0
Range Start: 192.168.10.11
Range Stop: 192.168.10.150
Lease Expiration: Enable
Lease Duration: 12 Hours
Default Router Address: 192.168.10.1
DNS Server Address 1: 8.8.8.8
DNS Server Address 2: 8.8.4.4

Pool Name: VLAN20
Type of Binding: Dynamic
Network Base Address: 192.168.20.0
Network Mask: 255.255.255.0
Range Start: 192.168.20.11
Range Stop: 192.168.20.150
Lease Expiration: Enable
Lease Duration: 12 Hours
Default Router Address: 192.168.20.1
DNS Server Address 1: 8.8.8.8
DNS Server Address 2: 8.8.4.4

Steps - Testing & Verification


Back to Top

The last step is to test and verify the DHCP scopes and the DHCP client lease assignments (bindings). After plugging in hosts to both port 0/1 and 0/2 verify using the following commands: 

1. The VLAN state of the interfaces:

show interfaces switchport general
Intf      PVID  Ingress    Acceptable  Untagged  Tagged   Forbidden  Dynamic
                Filtering  Frame Type  Vlans     Vlans    Vlans      Vlans
--------- ----- ---------- ---------- --------- --------- --------- ---------
0/1       10    Disabled   Admit all  10                  1,20
0/2       20    Disabled   Admit all  20                  1,10

2. The globally configured DHCP options and pools:

show ip dhcp global configuration
Service DHCP................................... Enable
Number of Ping Packets......................... 2
Excluded Address............................... 192.168.10.0 to 192.168.10.10
                                                192.168.10.151 to 192.168.10.255
                                                192.168.20.0 to 192.168.20.10
                                                192.168.20.151 to 192.168.20.255
Conflict Logging............................... Enable
Bootp Automatic................................ Disable

show ip dhcp pool configuration all
Pool: VLAN10
Pool Type...................................... Dynamic
Network........................................ 192.168.10.0 255.255.255.0
Lease Time..................................... 0 days 12 hrs 0 mins
DNS Servers.................................... 8.8.8.8
                                                8.8.4.4
Default Routers................................ 192.168.10.1

Pool: VLAN20
Pool Type...................................... Dynamic
Network........................................ 192.168.20.0 255.255.255.0
Lease Time..................................... 0 days 12 hrs 0 mins
DNS Servers.................................... 8.8.8.8
                                                8.8.4.4
Default Routers................................ 192.168.20.1 

3. The dynamic DHCP bindings (leases):

show ip dhcp binding
IP address         Hardware Address     Lease Expiration     Type
---------------    -----------------    -----------------    ---------
192.168.20.11      44:d9:e7:93:55:47    00:11:59             Automatic
192.168.10.11      04:18:d6:c3:a5:ba    00:11:57             Automatic

Related Articles


Back to Top

 

Powered by Zendesk