Author Topic: DHCP on 3300 and windows 2008 server  (Read 10219 times)

chris

  • Guest
DHCP on 3300 and windows 2008 server
« on: June 28, 2010, 04:03:38 PM »
hi,

I am setting up a new site in our lab. i have a 3300 mxe, windows 2008 server, and hp procurve 5406 core switch. (i have loads more stuff but trying to keep this as simple as possible).

i am trying to set up the following at the customers request

3300 sat in VLAN 10 (10.41.10.0 vlan 10 subnet)
server sat in VLAN 10
IP Phones sat in VLAN 80 (10.41.80.0 vlan 80 subnet)

I have DHCP enabled on the server with 125 option tagging into vlan 80. then i have dhcp options enabled in the 3300 for the vlan 80 subnet hoping that the ip phone will drop first ip address and boot in the correct VLAN. And pc's will stay on VLAN 10 through the back of the phone.

at the moment the phones boot with option 125 from the first dhcp, get the VLAN 80 tag, it says "release" does another discovery but then hangs with a vlan 10 subnet IP address. the phone boots from vlan 80 if i program statically, or untag the port on vlan 80 so i know the 3300 dhcp is ok and the switch routing.

i had this working in the same way with only the 3300 dhcp enabling and all subnets and scopes in there.

Any ideas much appreciated


Offline ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5739
  • Country: us
  • Karma: +468/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: DHCP on 3300 and windows 2008 server
« Reply #1 on: June 28, 2010, 04:39:55 PM »
Check the data switch programming of the data switch port connected to your Win2008 server.
If it's programmed as a trunk port (like the phones should be) change it to be Access Only  on the native VLAN.

Here's why:
The phone sends out a DHCP request.  The win server responds with all the right options.
The phone drops that IP switches to the correct VLAN and send out another DHCP request.
Here's where the problem comes in
  Since the data switch port is programmed as a trunk port, it will see the broadcast on your voice vlan and respond (again) to the new request.  But, since your Win server is only handing out addresses on the dat vlan the phone gets a new IP address for the wrong vlan and it will just hang.  Eventually it will reboot and try again with the same result.

If you were to do a Wireshark sniff on the phone, you would see 3 DHCP responses.
1 from the first request from the Win Server
2 from the phones second request. (1 from the Win Server and 1 from the 3300)
Since both DHCP servers see the request on the voice vlan, both will respond.   Since the Win server is optimized for DHCP task, it will respond before the 3300.  That's the one the phone gets.

Hopefully that helps.   Let us know how it works out.

Ralph
« Last Edit: April 23, 2014, 12:17:01 PM by ralph »

Offline bluewhite4

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1041
  • Country: us
  • Karma: +20/-0
    • View Profile
Re: DHCP on 3300 and windows 2008 server
« Reply #2 on: June 28, 2010, 05:23:11 PM »
Also, why aren't your 3300 also in vlan 80? Shouldn't the phone start in vlan 10 with a DHCP address from your Server2008, and then switch to vlan 80 where'd they'd get it from the 3300? (Which would mean that the 3300 needs to be in a vlan 80 only port.)

Also, if your using ProCurve switches, giving the phone vlan a description of "IP PHONE" will cause the phones to skip getting dhcp from your data vlan all together, and boot directly into the phone vlan.

chris

  • Guest
Re: DHCP on 3300 and windows 2008 server
« Reply #3 on: June 28, 2010, 06:30:57 PM »
Thanks alot for the reply,

i had a meeting with the customer and i did suggest maybe putting the 3300 into VLAN 80, i'll try your suggestions tomorrow. to let you know more about the setup its quite large this one. i have.

teleworker server (VLAN 10)
Mitel enterprise manager server (VLAN 10)
Mitel CCM server (VLAN 10)
Audio Web Conference Server (VLAN 10)
Procurve Manager Server (VLAN 32)
Trapeze Ringmaster (VLAN 32)

I have 65 edge switches and 6 Core switches. 2x Mxe's and 1x CXi.

thats all kind of errelevant for what am trying to get working with dhcp but gives you an idea. but it does explain why the 3300 needs to be able to communicate with VLAN 10.

Are you suggesting setting the ip phones switch port as a trunk port, i dont see why it shouldn't just boot in vlan 80 if the core switch is routing via ip helper. and whats the reasoning behind saying the phones should be on trunk ports?

you say the phone will get 2 dhcp responses the second time it requestes, one from each dhcp server, but if it is sending out the request tagged in vlan 80 should that not use ip helper and only go to the 3300's dhcp server?

Thanks alot again i'll let you know tomorrow

Offline bluewhite4

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1041
  • Country: us
  • Karma: +20/-0
    • View Profile
Re: DHCP on 3300 and windows 2008 server
« Reply #4 on: June 28, 2010, 07:18:25 PM »
I think what Ralph was trying to say, and correct me if I'm wrong, but he thinks your getting what I call DHCP bleed-through. The Windows2008 server's NIC is capable of seeing multiple VLANS, so is giving out DHCP on all that it can touch. Therefore its giving out on both vlan 10 and vlan 80. So essentially the phones are getting the proper information twice, and then not knowing what to do. By changing the server's switch port to access, your limiting it to giving out DHCP onto its proper vlan.

I re-read your original post, and I guess I don't see what's suppose to be giving out DHCP only onto the vlan 80 though. Do you have a DHCP helper address on vlan 80 that points back to the 3300? And that's where you think it going to get its second address? If so, I'm not sure you can do that.

I think what you'd need to do in that case, is not use the 3300 for DHCP, but instead setup a second vlan 80 range on your 2008 server, and have the server be the destination for IP helper on vlan 80. Then the 2008 server should see what network the request is coming from, and hand out the vlan 80 address. This second range would have what would normally be the 3300 options for tftp and such. Make sense?

chris

  • Guest
Re: DHCP on 3300 and windows 2008 server
« Reply #5 on: June 29, 2010, 03:16:29 AM »
the only place i have a vlan 80 ip address range is in the 3300 dhcp, there is only a vlan 10 ip address range in the server. with options in server tagging into vlan 80, and ip helper on vlan 80 pointing at the 3300.

thanks

chris

  • Guest
Re: DHCP on 3300 and windows 2008 server
« Reply #6 on: June 29, 2010, 03:53:44 AM »
SORTED!!
spent all day on this yesterday, and i have just sorted it in 5 minutes and one command thanks to your comments. i had the switch port that the server was on tagged on vlan 80, as the server i am testing it on is the ccm. when i remove the vlan 80 tag all works fine. So the dhcp just needs to be on one of the customers other servers that doesn't need to be on vlan 80.

with me setting up such a big converged network, i am interested in Ralphs comments about (phones should be on trunk ports) can somebody explain the advantages of this please?

Thanks again for all comments

Offline ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5739
  • Country: us
  • Karma: +468/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: DHCP on 3300 and windows 2008 server
« Reply #7 on: June 29, 2010, 07:45:21 AM »
I'm glad you got it working.
The reason to put the phones on trunk ports is so that you can run your PC's through the phones.
Having the data on the native vlan and your voice on VLAN 80 gives you the ability to separate and prioritize the voice.  You do this so that you can control your voice quality.

Ralph
« Last Edit: April 23, 2014, 12:16:35 PM by ralph »

Offline bobcheese

  • Sr. Member
  • ****
  • Posts: 435
  • Karma: +3/-0
    • View Profile
Re: DHCP on 3300 and windows 2008 server
« Reply #8 on: June 30, 2010, 06:01:50 PM »
Trouble with trunk ports is that they allow info to be passed on any Vlan as long as its tagged with the correct Vlan ID therefore can be a security loophole. As long as your switch ports are setup correctly for tagged & untagged packets and for the switch ports that are running phones, whatever the untagged vlan is set to has access to the Win DHCP (either direct or via IP helper) and is the correct vlan for the function of the PC that will be plugged into the phone then you should be ok.


 

Sitemap 1 2 3 4 5 6 7 8 9 10