VLAN 间路由——默认 VLAN 上的服务器提供的 DHCP 未通过第 3 层交换机返回到新创建的 VLAN

tag-icon tag-icon switch vlan ip-routing hp-procurve
VLAN 间路由——默认 VLAN 上的服务器提供的 DHCP 未通过第 3 层交换机返回到新创建的 VLAN

默认 VLAN:10.36.0.0/24 新 VLAN:10.36.8.0/24 DHCP 服务器:10.36.0.17

我可以看到 DHCP 提供数据包返回到我的 VLAN IP 地址,即 10.36.8.31(来自 DHCP 服务器消息日志)

4 月 28 日 15:33:13 dhcpd:DHCPOFFER 从 10.36.8.129 到 10.36.8.31

但是 dhcp 请求从未返回到连接到新 vlan 的我的机器(也使用 wireshark 进行了验证)

交换机是 HP Layer 3 Procurve

运行配置(删除了一些细节)

Running configuration:

*; J9588A Configuration Editor; Created on release #KA.15.17.0008



*module 1 type j9588y

 module 2 type j9588x

-fault-finder broadcast-storm sensitivity high

fault-finder bad-driver sensitivity high

fault-finder bad-transceiver sensitivity high

fault-finder bad-cable sensitivity high

fault-finder too-long-cable sensitivity high

fault-finder over-bandwidth sensitivity high

fault-finder loss-of-link sensitivity high

fault-finder duplex-mismatch-hdx sensitivity high

fault-finder duplex-mismatch-fdx sensitivity high

fault-finder link-flap sensitivity high

jumbo ip-mtu 9000

power-over-ethernet redundancy n+1

qos tcp-port ipv4 22 priority 7

qos tcp-port ipv4 80 priority 1

qos tcp-port ipv4 443 priority 0

qos type-of-service diff-services

timesync sntp

sntp broadcast

sntp server priority 1 10.36.0.17

sntp server priority 2 10.36.0.18

no telnet-server

time daylight-time-rule western-europe

no web-management

web-management ssl

ip default-gateway 10.36.0.1

ip dns server-address priority 1 10.36.0.17

ip dns server-address priority 2 10.36.0.17

no ip ssh cipher aes128-cbc

no ip ssh cipher 3des-cbc

no ip ssh cipher aes192-cbc

no ip ssh cipher aes256-cbc

no ip ssh mac hmac-md5

no ip ssh mac hmac-sha1-96

no ip ssh mac hmac-md5-96

ip route 10.36.8.0 255.255.255.0 10.36.8.1

ip routing

snmp-server community "public" unrestricted

tls application web-ssl lowest-version tls1.2

tls application openflow lowest-version tls1.2

tls application syslog lowest-version tls1.2

tls application tr69 lowest-version tls1.2

aaa authentication ssh login public-key

oobm

   ip address 10.36.0.35 255.255.255.0

   exit

router rip

redistribute connected

   exit

vlan 1

   name "DEFAULT_VLAN"

   no untagged 20-21

   untagged 1-19,22-52

   ip address 10.36.0.31 255.255.255.0

   ip helper-address 10.36.0.17

   ip igmp

   exit

vlan 8

   name "WiredUsers"

   untagged 20

   ip address 10.36.8.31 255.255.255.0

   ip helper-address 10.36.0.17

   ip igmp

   exit

spanning-tree

关于为什么 DHCP 提供不能从 10.36.8.31 跳转到同一子网上的我的机器,有什么建议吗?

答案1

我认为您可能不需要为 10.36.8.0/24 网络定义显式路由,因为它是直接连接的网络。尝试删除该路由语句,然后查看路由表,看看是否有显示为直接连接或类似内容的 10.36.8.0 路由。我不熟悉 HP 交换机,因此我根据我对使用 Cisco 交换机的 VLAN 间路由的了解来判断。然后查看您的 DHCP 客户端是否获得 DHCP 分配的 IP 地址。

这是 Cisco 3560 交换机的输出。您会发现,我没有为我的 VLAN 明确定义路由语句,因为它们都是直接连接的。

Switch#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/16 is subnetted, 4 subnets
C       10.1.0.0 is directly connected, Vlan10
C       10.2.0.0 is directly connected, Vlan20
C       10.3.0.0 is directly connected, Vlan30
C       10.4.0.0 is directly connected, Vlan40

Switch#sh run
Building configuration...

Current configuration : 1504 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
!
!
ip routing
!
!
!
!
!
!
!
!
!
!
no spanning-tree vlan 1,10,20,30,40
!
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 30
 switchport mode access
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport access vlan 40
 switchport mode access
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 10.1.0.1 255.255.0.0
!
interface Vlan20
 ip address 10.2.0.1 255.255.0.0
!
interface Vlan30
 ip address 10.3.0.1 255.255.0.0
!
interface Vlan40
 ip address 10.4.0.1 255.255.0.0
!
ip classless
!
!
!
!
!
!
!
line con 0
line vty 0 4
 login
!
!
!
end


Switch#

相关内容