How do I configure an IP helper for DHCP when handling mulitple VLANS

  • 1
  • Question
  • Updated 1 week ago
I am new to ICX.  I have SPR08061a code running and have Ruckus R610 APs plugged in to multiple ports.  The AP are configured for 4 VLANs via 4 SSIDs (based on OS running on end device and a guest network).
I have my main ICX 7150 plugged into my Internet router (Sonicwall) and also back to server room with a second ICX 7150 wherer DHCP server is.
Question is how do I set up DHCP IP helper so wireless clients each get the appropriate IP from the DHCP server?

I can provide more info if it is needed.

TT24
Photo of TomTom24

TomTom24

  • 5 Posts
  • 0 Reply Likes
  • Confused

Posted 2 weeks ago

  • 1
Photo of Dave Watkins

Dave Watkins

  • 64 Posts
  • 13 Reply Likes
Whatever device hosts the gateways for the subnets is the device that needs the ip-helper setup. You don't mention what that is so that's about as much as anyone can tell you. Depending on device it may also be called a DHCP Relay Agent. All you should have to do is give it the IP address of your DHCP server
Photo of TomTom24

TomTom24

  • 5 Posts
  • 0 Reply Likes
Dave,

Thanks for the reply.  I am still building this replacement structure for the old over-worked network, so I have options.
My thought was to use the new main ICX-7150 as the gateway for the new VLANs (10.56.2.250, 10.56.3.250), and use the existing networks DHCP on 10.56.0.x as the DHCP for all 3 networks. VLAN 2 and 3 are tied to router-interfaces ve 2 and ve 3, so am I interpreting this correctly?
#interface ve 2
#ip helper-address 10.56.0.x
#exit
#interface ve 3
#ip helper-address 10.56.0.x
#exit
#wr mem
?
Photo of Dave Watkins

Dave Watkins

  • 64 Posts
  • 13 Reply Likes
I've not dealt with ICX so can't tell you is that's the correct commands for the platform, but the intention is correct
Photo of Igor Tunakin

Igor Tunakin

  • 7 Posts
  • 1 Reply Like
Hi Tom,

could you show the network diagramm. It is a litle bit unclear  why do you need a DHCP-relay. You must confgure a helper addres to forward a client broadcast request for a UDP application when the client and DHCP-server are on different networks.
Do I understand correct that you have two ICX 7150 and both of them have L3 image? If your Router have all VLANs in the routing table you don't need to configure a DHCP-Relay.
Photo of TomTom24

TomTom24

  • 5 Posts
  • 0 Reply Likes
@Igor,
I'm not sure how to upload an attachment in this forum, but I had a post recently on the old Brocade forums with a diagram that's very close to my current layout. https://community.brocade.com/t5/Ethernet-Switches-Routers/Routing-a-new-vlan/td-p/94904
.  (I'm still trying to figure out who owns the ICX Brocade family of switches now... Brocade directs you to Extreme Networking as the new place, but Ruckus is branded on the switches and has all the software updates and docs.)
Photo of Chris Hill

Chris Hill

  • 1 Post
  • 0 Reply Likes
Ruckus owns the ICX line but that's it. 
Photo of Igor Tunakin

Igor Tunakin

  • 7 Posts
  • 1 Reply Like
Truth be told I am steel not sure I understand your network.  You wrote 'second ICX 7150 wherer DHCP'. Does it means you configured  DHCP  pools on  your 2nd switch? Show the configuration of the 2nd switch please.
Photo of TomTom24

TomTom24

  • 5 Posts
  • 0 Reply Likes
Igor,

Thanks, the diagram is a little off, as it was one I did as I was still building.  DHCP is on a Windows server off second switch, on Vlan 1. Here is the show run for second ICX7150:
Current configuration:
!
ver 08.0.61aT213
!
stack unit 1
  module 1 icx7150-24p-poe-port-management-module
  module 2 icx7150-2-copper-port-2g-module
  module 3 icx7150-4-sfp-plus-port-40g-module
!
!
global-stp
!
lag ToMain dynamic id 1
 ports ethe 1/1/1 to 1/1/2
!
!
!
vlan 1 name DEFAULT-VLAN by port
 router-interface ve 1
 spanning-tree
!
vlan 2 by port
 tagged ethe 1/1/16 to 1/1/24 lag 1
 router-interface ve 2
 spanning-tree
!
vlan 3 by port
 tagged ethe 1/1/16 to 1/1/24 lag 1
 router-interface ve 3
 spanning-tree
!
vlan 10 name Guest by port
 tagged ethe 1/1/16 to 1/1/24 lag 1
 untagged ethe 1/1/15
 spanning-tree
!
!
!
!
!
!
!
!
!
!
!
!
!
aaa authentication web-server default local
aaa authentication login default local
enable telnet authentication
enable aaa console
hostname "Brocade Annex-240"
ip dns domain-list DOMAIN.MY
ip dns server-address 10.56.0.6 10.56.0.8
ip route 0.0.0.0/0 10.56.0.1
ip route 10.56.2.0/24 ve 2
ip route 10.56.2.0/24 0.0.0.0
ip route 10.56.3.0/24 ve 3
ip route 10.56.3.0/24 0.0.0.0
!
username Admin password .....
password-change any
snmp-server contact Tom Lebel
snmp-server location Annex Computer Room
!
!
clock timezone gmt GMT-05
web-management https
!
!
!
!
!
!
!
interface ethernet 1/1/16
 dual-mode
 inline power
!
interface ethernet 1/1/17
 dual-mode
 inline power
!
interface ethernet 1/1/18
 dual-mode
 inline power
!
interface ethernet 1/1/19
 dual-mode
 inline power
!
interface ethernet 1/1/20
 dual-mode
 inline power
!
interface ethernet 1/1/21
 dual-mode
 inline power
!
interface ethernet 1/1/22
 dual-mode
 inline power
!
interface ethernet 1/1/23
 dual-mode
 inline power
!
interface ethernet 1/1/24
 dual-mode
!
interface ethernet 1/3/1
 speed-duplex 1000-full
!
interface ethernet 1/3/2
 speed-duplex 1000-full
!
interface ethernet 1/3/3
 speed-duplex 1000-full
!
interface ethernet 1/3/4
 speed-duplex 1000-full
!
interface lag 1
 dual-mode
!
interface ve 1
 ip address 10.56.0.240 255.255.254.0
!
interface ve 2
 ip address 10.56.2.240 255.255.255.0
!
interface ve 3
 ip address 10.56.3.240 255.255.255.0
!
!
!
!
!
!
!
!
!
end

TT
Photo of Igor Tunakin

Igor Tunakin

  • 7 Posts
  • 1 Reply Like
Once again for understanding. When a device connects to a network, the DHCP client software sends a broadcast query. When a client is in VLAN 2 or 3 and the DHCP-server is on VLAN1, to forward a DHCP request you should configure helper address on the interface connected to the client. In your case it is Interfaces from 1/1/15 to 1/1/24.
The ports form 1/1/1 to 1/1/14 have dafault VLAN1 and all clients conected to this ports are able to connect your DHCP-Server.

The alternative solution would be to configure DHCP pools on the switch. I this case you donot need the Windows DHCP server. 

For example:

ip dhcp-server enable
!
ip dhcp-server pool 1
 dhcp-default-router 10.56.0.240
 dns-server 8.8.8.8
 excluded-address 10.56.0.1 10.56.0.240
 network 10.56.0.0/23
 deploy
!
ip dhcp-server pool 2
 dhcp-default-router 10.56.2.240
 dns-server 8.8.8.8
 excluded-address 10.56.2.240
 network 10.56.2.0/24
 deploy
!
ip dhcp-server pool 3
 dhcp-default-router 10.56.3.240
 dns-server 8.8.8.8
 excluded-address 10.56.3.240
 network 10.56.3.0/24
 deploy
!
ip dhcp-server pool 10
... ???

Please pay attention to the VLAN 10. There is not router-interface configuration.
(Edited)
Photo of TomTom24

TomTom24

  • 5 Posts
  • 0 Reply Likes
Igor,

Thank you. I think I am finally getting it. Just as clarification to me, in my case, as the WAPs are plugged in to interfaces 1/1/16-1/1/24 and carry all VLANs, and VLANs router-interfaces on ve 2 and ve 3, should I be putting the ip helper-address in the ve interface, or the physical interfaces?

interface ve 2
 ip address 10.56.2.240 255.255.255.0
 ip helper-address 1 10.56.0.x
0r like:
interface ethernet 1/1/16
 dual-mode
 inline power
 ip helper-address 1 10.56.0.x

?
TT
Photo of Igor Tunakin

Igor Tunakin

  • 7 Posts
  • 1 Reply Like
Hi Tom,

truthly I did not check the helper feature. I am using the DHCP-Server which is integrated into the switch. And it works fine.

Did you read the guide Brocade FastIron DHCP Configuration Guide, 08.0.61 Part Number: 53-1005199-01? It is wery helpful.

So, if my understanding is correct you have to configure ip helper address in each  ve interface.  hope this helps.


Regards
Igor