Cisco Secure Router 520 Series Software Configuration Guide
Configuring a LAN with DHCP and VLANs
Download this chapter
Configuring a LAN with DHCP and VLANsConfiguring a LAN with DHCP and VLANs
Download the complete book
Full Length Book PDFFull Length Book PDF (PDF - 4 MB)
give_us_feedback

Table Of Contents

Configuring a LAN with DHCP and VLANs

Configure DHCP

Configuration Example

Verify Your DHCP Configuration

Configure VLANs

Assign a Switch Port to a VLAN

Verify Your VLAN Configuration


Configuring a LAN with DHCP and VLANs

The Cisco Secure Router 520 Series routers support clients on both physical LANs and virtual LANs (VLANs). The routers can use the Dynamic Host Configuration Protocol (DHCP) to enable automatic assignment of IP configurations for nodes on these networks.

Figure 5-1 shows a typical deployment scenario with two physical LANs connected by the router and two VLANs.

Figure 5-1 Physical and Virtual LANs with DHCP Configured on the Cisco Router

1

Fast Ethernet LAN (with multiple networked devices)

2

Router and DHCP server—Cisco Secure Router 520 Series router—connected to the Internet

3

VLAN 1

4

VLAN 2


DHCP

DHCP, which is described in RFC 2131, uses a client/server router for address allocation. As an administrator, you can configure your Cisco Secure Router 520 Series router to act as a DHCP server, providing IP address assignment and other TCP/IP-oriented configuration information to your workstations. DHCP frees you from having to manually assign an IP address to each client.

When you configure a DHCP server, you must configure the server properties, policies, and DHCP options.

Note Whenever you change server properties, you must reload the server with the configuration data from the Network Registrar database.

VLANs

The Cisco Secure Router 520 Series routers support four Fast Ethernet ports on which you can configure VLANs.

VLANs enable networks to be segmented and formed into logical groups of users, regardless of the user's physical location or LAN connection.

Configuration Tasks

Perform the following tasks to configure this network scenario:

Configure DHCP

Configure VLANs

Note The procedures in this chapter assume you have already configured basic router features as well as PPPoE or PPPoA with NAT. If you have not performed these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," and Chapter 4, "Configuring PPP over ATM with NAT" as appropriate for your router.

Configure DHCP

Perform these steps to configure your router for DHCP operation, beginning in global configuration mode:

 
Command
Purpose

Step 1 

ip domain name name

Example: 

Router(config)# ip domain name smallbiz.com

Router(config)#

Identifies the default domain that the router uses to complete unqualified hostnames (names without a dotted-decimal domain name).

Step 2 

ip name-server server-address1 [server-address2...server-address6]

Example: 

Router(config)# ip name-server 192.168.11.12

Router(config)#

Specifies the address of one or more Domain Name System (DNS) servers to use for name and address resolution.

Step 3 

ip dhcp excluded-address low-address [high-address]

Example: 

Router(config)# ip dhcp excluded-address 
192.168.9.0

Specifies IP addresses that the DHCP server should not assign to DHCP clients. In this example, we are excluding the router address.

Step 4 

ip dhcp pool name

Example: 

Router(config)# ip dhcp pool dpool1

Router(dhcp-config)#

Creates a DHCP address pool on the router and enters DHCP pool configuration mode. The name argument can be a string or an integer.

Step 5 

network network-number [mask | prefix-length]

Example: 

Router(dhcp-config)# network 10.10.0.0 
255.255.255.0

Router(dhcp-config)#

Defines subnet number (IP) address for the DHCP address pool, optionally including the mask.

Step 6 

import all

Example: 

Router(dhcp-config)# import all

Router(dhcp-config)#

Imports DHCP option parameters into the DHCP portion of the router database.

Step 7 

default-router address [address2...address8]

Example: 

Router(dhcp-config)# default-router 
10.10.10.10

Router(dhcp-config)#

Specifies up to 8 default routers for a DHCP client.

Step 8 

dns-server address [address2...address8]

Example: 

Router(dhcp-config)# dns-server 192.168.35.2

Router(dhcp-config)#

Specifies up to 8 DNS servers available to a DHCP client.

Step 9 

domain-name domain

Example: 

Router(dhcp-config)# domain-name cisco.com

Router(dhcp-config)#

Specifies the domain name for a DHCP client.

Step 10 

exit

Example: 

Router(dhcp-config)# exit

Router(config)#

Exits DHCP configuration mode, and enters global configuration mode.

Configuration Example

The following configuration example shows a portion of the configuration file for the DCHP configuration described in this chapter. 

ip dhcp excluded-address 192.168.9.0

!

ip dhcp pool dpool1

   import all

   network 10.10.0.0 255.255.255.0

   default-router 10.10.10.10

   dns-server 192.168.35.2

   domain-name cisco.com

!

ip domain name smallbiz.com

ip name-server 192.168.11.12

Verify Your DHCP Configuration

Use the following commands to view your DHCP configuration.

show ip dhcp import—Displays the optional parameters imported into the DHCP server database.

show ip dhcp pool—Displays information about the DHCP address pools.

show ip dhcp server statistics—Displays the DHCP server statistics, such as the number of address pools, bindings, and so forth. 


Router# show ip dhcp import

Address Pool Name: dpool1


Router# show ip dhcp pool

Pool dpool1 :

 Utilization mark (high/low)    : 100 / 0

 Subnet size (first/next)       : 0 / 0

 Total addresses                : 254

 Leased addresses               : 0

 Pending event                  : none

 1 subnet is currently in the pool :

 Current index        IP address range                    Leased addresses

 10.10.0.1            10.10.0.1        - 10.10.0.254       0


Router# show ip dhcp server statistics

Memory usage         15419

Address pools        1

Database agents      0

Automatic bindings   0

Manual bindings      0

Expired bindings     0

Malformed messages   0

Secure arp entries   0


Message              Received

BOOTREQUEST          0

DHCPDISCOVER         0

DHCPREQUEST          0

DHCPDECLINE          0

DHCPRELEASE          0

DHCPINFORM           0


Message              Sent

BOOTREPLY            0

DHCPOFFER            0

DHCPACK              0

DHCPNAK              0

Router#

Configure VLANs

Perform these steps to configure VLANs on your router, beginning in privileged EXEC mode:

 
Command
Purpose

Step 1 

vlan database

Example: 

Router# vlan database

Router(vlan)#

Enters VLAN configuration mode.

Step 2 

vlan vlan-id [media type] [name vlan-name]

Example: 

Router(vlan)# vlan 2 media ethernet name 
VLAN0002

VLAN 2 added:

  Name: VLAN0002

  Media type: ETHERNET

Router(vlan)# vlan 3 media ethernet name 
red-vlan

VLAN 3 added:

  Name: red-vlan

  Media type: ETHERNET

Router(vlan)#

Adds VLANs, with identifiers ranging from 2 to 1001.

For details about this command and additional parameters that can be set, see the Cisco IOS Switching Services Command Reference.

Step 3 

exit

Example: 

Router(vlan)# exit

Router#

Updates the VLAN database, propagates it throughout the administrative domain, and returns to privileged EXEC mode.

Assign a Switch Port to a VLAN

Perform these steps to assign a switch port to a VLAN, beginning in global configuration mode:

 
Command
Purpose

Step 1 

interface switch port id

Example: 

Router(config)# interface FastEthernet 2

Router(config-if)#

Specifies the switch port that you want to assign to the VLAN.

Step 2 

switchport access vlan vlan-id

Example: 

Router(config-if)# switchport access vlan 2

Router(config-if)#

Assigns a port to the VLAN.

Step 3 

end

Example: 

Router(config-if)# end

Router#

Exits interface mode and returns to privileged EXEC mode.

Verify Your VLAN Configuration

Use the following commands to view your VLAN configuration.

show—Entered from VLAN database mode. Displays summary configuration information for all configured VLANs.

show vlan-switch—Entered from privileged EXEC mode. Displays detailed configuration information for all configured VLANs. 

Router# vlan database

Router(vlan)# show


  VLAN ISL Id: 1

    Name: default

    Media Type: Ethernet

    VLAN 802.10 Id: 100001

    State: Operational

    MTU: 1500

    Translational Bridged VLAN: 1002

    Translational Bridged VLAN: 1003


  VLAN ISL Id: 2 
    Name: VLAN0002 
    Media Type: Ethernet 
    VLAN 802.10 Id: 100002 
    State: Operational 
    MTU: 1500


  VLAN ISL Id: 3 
    Name: red-vlan 
    Media Type: Ethernet 
    VLAN 802.10 Id: 100003 
    State: Operational 
    MTU: 1500


  VLAN ISL Id: 1002

    Name: fddi-default

    Media Type: FDDI

    VLAN 802.10 Id: 101002

    State: Operational

    MTU: 1500

    Bridge Type: SRB

    Translational Bridged VLAN: 1

    Translational Bridged VLAN: 1003


  VLAN ISL Id: 1003

    Name: token-ring-default

    Media Type: Token Ring

    VLAN 802.10 Id: 101003

    State: Operational

    MTU: 1500

    Bridge Type: SRB

    Ring Number: 0

    Bridge Number: 1

    Parent VLAN: 1005

    Maximum ARE Hop Count: 7

    Maximum STE Hop Count: 7

    Backup CRF Mode: Disabled

    Translational Bridged VLAN: 1

    Translational Bridged VLAN: 1002


  VLAN ISL Id: 1004

    Name: fddinet-default

    Media Type: FDDI Net

    VLAN 802.10 Id: 101004

    State: Operational

    MTU: 1500

    Bridge Type: SRB

    Bridge Number: 1

    STP Type: IBM


  VLAN ISL Id: 1005

    Name: trnet-default

    Media Type: Token Ring Net

    VLAN 802.10 Id: 101005

    State: Operational

    MTU: 1500

    Bridge Type: SRB

    Bridge Number: 1

    STP Type: IBM


Router# show vlan-switch


VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0, Fa1, Fa3

2    VLAN0002                         active    Fa2

1002 fddi-default                     active

1003 token-ring-default               active

1004 fddinet-default                  active

1005 trnet-default                    active


VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1    enet  100001     1500  -      -      -        -    -        1002   1003

2    enet  100002     1500  -      -      -        -    -        0      0

1002 fddi  101002     1500  -      -      -        -    -        1      1003

1003 tr    101003     1500  1005   0      -        -    srb      1      1002

1004 fdnet 101004     1500  -      -      1        ibm  -        0      0

1005 trnet 101005     1500  -      -      1        ibm  -        0      0