Home / server / Questions / 62326
In Process
Rhys Evans
Asked: 2009-09-03 05:45:06 +0800 CST

VLAN Network Implementation problem :(

  • 772

Having trouble with my network implementation for my office

Hardware:
n port switch
one server (debian based) (internet Gateway)
x amount of access points
y amount of desktops

I want to segment the desktops and access points away from each other. So Far: I've done:

vconfig add eth0 3
vconfig add eth0 10

MY /etc/network/interfaces file

auto eth0
auto eth0.3
auto eth0.10

iface eth0 inet static
address 192.168.1.101
netmask 255.255.255.0
network 192.168.1.0


iface eth0.3 inet static
address 192.168.3.101
netmask 255.255.255.0
network 192.168.3.0

iface eth0.10 inet static
address 192.168.10.101
netmask 255.255.255.0
network 192.168.10.0

Then my /etc/dhcp/dhcpd.conf file

...
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.1 192.168.1.200;
    option routers 192.168.1.254;
    option domain-name-servers 192.168.1.101;
    }
subnet 192.168.3.0 netmask 255.255.255.0 {
    range 192.168.3.1 192.168.3.200;
    option routers 192.168.1.254;
    option domain-name-servers 192.168.1.101;
    }
subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.1.1 192.168.1.200;
    option routers 192.168.1.254;
    option domain-name-servers 192.168.1.101;
    }
...

On the switch then
Port connected to server is trunked and tagged to vlan 3 and 10
ports x untagged to vlan 3
ports y untagged to vlan 10

ports x or y cant get dhcp response (altho have not tried wireshark)
There isnt a firewall on the server (yet)

Anyone have any ideas?

networking dhcp

4 Answers

    1. Do you really want machines in VLAN10 to receive IPs from 192.168.1.0/24 range?

    2. It is usually not a good idea to have a static IP address (in your case .101) inside the DHCP range (in your case 1..200)

    3. Assign a static IP from the correct range to a test machine and do a basic network troubleshooting (e.g. can you ping the gateway - ping 192.168.10.101)

    4. Also not sure about the 192.168.1.254. How do you specify a default gateway for machines in VLAN3 and 10?

    • 1

  2. As you mention /etc/network/interfaces that implies a debian derivative.

    I suggest you install ifupdown-scripts-zg2 which allows you to create VLAN's from within /etc/network/interfaces so you don't need to mess with vconfig.

    Also have you verified basic connectivity on the VLAN's?

    • 0

  3. If you put a computer in each vlan with a static IP, can it ping your DHCP machine ? Your router ? The DHCP server can ping the router on each network ? Have you corrected your DHCP conf ? The router must be in the range of the network to be seen.

    • 0

  4. Have a look at the switches' CAM table and make sure the client's and the server's MACs are learned on the correct VLANs.

    One other quick thought: you are using a mixed setup with tagged/untagged port on the server side. Is the switch able to handle this? Maybe it's easier to set up eth0 (192.168.1.101) as a tagged port (eth0.x) aswell to prevent confusion on the switch side. What kind of switch are you using?

    • 0