VLAN is a switch feature. It creates a group of devices that share broadcast messages in the local network. A broadcast message generated in one VLAN does not reach another VLAN. A DHCP server and clients use broadcast messages to communicate. Hence, if we configure a DHCP server in a VLAN and DHCP clients in another VLAN, DHCP clients will never get IP configurations. DHCP works when both the DHCP server and clients are available in the same VLAN. If we have multiple VLANs in a network, we have to configure a separate DHCP pool for each VLAN.
By default, switches forward broadcast messages. To control and limit broadcast messages, switches use VLANs. A VLAN defines a logical boundary for broadcast messages. If a VLAN is defined, the switch forwards broadcast messages only inside the VLAN.
Let's take a simple example to understand how VLAN controls broadcast messages.
A small network is built by using an 8 port switch. Until we configure a VLAN on it, it will forward an incoming broadcast message from all ports except the port on which the message came from.
Now, suppose we configure two VLANs on it and add the first four ports to the first VLAN and the last four ports to the second VLAN. After this configuration, when the switch receives a broadcast message on a port, it forwards the message only from the ports that belong to the same VLAN.
For example, if the switch receives a broadcast message on port 2, it will forward that message from ports 1, 3, and 4 only. Because, port 2 belongs to the first VLAN and other ports that belong to the first VLAN are 1, 3, and 4. Since ports 5, 6, 7, and 8 don't belong to the first VLAN, the switch will not forward the incoming broadcast message from these ports.
VLANs optimize networks by reducing the area of broadcast messages, but they cause problems for applications that rely on broadcast messages. For example, DHCP uses broadcast messages to enable communication between DHCP clients and the DHCP server.
If the DHCP server and clients are configured in different VLANs, clients will not receive IP configuration from the server. To solve this issue, we have two options. Either configure a DHCP server in each VLAN or configure multiple DHCP pools on the DHCP server and assign a DHCP pool to each VLAN.
We have already discussed the first option in the previous part of this tutorial. In this part, we will learn how to create and configure multiple DHCP pools on the DHCP server and assign a DHCP pool to each VLAN through a packet tracer example.
This tutorial is the fifth part of the tutorial 'DHCP (Dynamic Host Configuration Protocol) basic concepts, configurations, functions, and options Explained'. Other parts of this tutorial are the following.
What DHCP is and Types of DHCP Explained
How DHCP works explained with examples
DHCP Configuration Parameters and Settings Explained
How to Configure DHCP Server on Cisco Switches
How to Configure DHCP Server on Cisco Routers
How DHCP Relay Agents work Explained
How to Configure DHCP Relay Agent on Cisco Routers
How DHCP Snooping works Explained
Configure DHCP Snooping on Cisco Switches
Packet tracer lab setup
Either download the following pre-created packet tracer lab or create a packet tracer lab as described below.
Download link of the pre-created practice lab
Add a switch, a router, and six PCs to the workspace. Connect PCs to the switch and the switch to the router. The following image shows this lab.
Configure this lab to meet the following objectives.
- Create three VLANs and add 2 PCs to each VLAN.
- Configure the DHCP server on the switch and create three DHCP pools.
- Assign a DHCP pool to each VLAN.
- Configure all PCs as DHCP clients.
- Verify that all PCs receive their IP configuration from the DHCP server.
- Test connectivity between all PCs.
Creating and assigning VLANs
To create a VLAN, run the following command in global configuration mode.
Switch(config)#vlan [VLAN number or name]
To assign a VLAN to an interface, use the following command.
Switch(config-if)#switchport access vlan [VLAN number or name]
Create 3 VLANs: VLAN 10, VLAN 20, and VLAN 30 by running the following commands.
Switch>enable Switch#configure terminal Switch(config)#vlan 10 Switch(config-vlan)#exit Switch(config)#vlan 20 Switch(config-vlan)#exit Switch(config)#vlan 30 Switch(config-vlan)#exit Switch(config)#
The following image shows how to execute the above commands on the packet tracer.
Assign VLAN 10 to Fa0/1 and Fa0/2, VLAN 20 to Fa0/3 and Fa0/4, and VLAN 30 to Fa0/5 and Fa0/6.
Switch(config)#interface FastEthernet 0/1 Switch(config-if)#switchport access vlan 10 Switch(config-if)#exit Switch(config)#interface FastEthernet 0/2 Switch(config-if)#switchport access vlan 10 Switch(config-if)#exit Switch(config)#interface FastEthernet 0/3 Switch(config-if)#switchport access vlan 20 Switch(config-if)#exit Switch(config)#interface FastEthernet 0/4 Switch(config-if)#switchport access vlan 20 Switch(config-if)#exit Switch(config)#interface FastEthernet 0/5 Switch(config-if)#switchport access vlan 30 Switch(config-if)#exit Switch(config)#interface FastEthernet 0/6 Switch(config-if)#switchport access vlan 30 Switch(config-if)#exit Switch(config)#
The following image shows the above configuration on the packet tracer.
Configuring trunk port
By default, all switch ports operate in access mode. In access mode, a switch port allows traffic of a single VLAN only. To allow traffic from multiple VLANs, we have to configure the port as the trunk port.
In our example, only the port that connects the switch and the router carries the traffic of multiple VLANs. To configure this port as a trunk port, use the 'switchport mode trunk' command in interface configuration mode.
Switch(config)#interface GigabitEthernet 0/1 Switch(config-if)#switchport mode trunk Switch(config-if)#exit Switch(config)#
The following image show this configuration on the packet tracer.
Configuring DHCP server and creating DHCP pools
By default, DHCP service is enabled on all supporting Cisco switches. To use this service, we have to create and configure a DHCP pool on the switch.
The following table lists the steps that are required to create and configure a DHCP pool.
| Configuration step | Description (required command) |
| Define reserved IP addresses | Use the 'ip dhcp excluded-address' command to define the range of reserved IP addresses. |
| Create the DHCP pool | To create a DHCP pool and enter DHCP pool configuration mode, use the 'ip dhcp pool [pool name]' command. |
| Define IP range for lease | use the 'network [network ID] [subnet mask]' command to define the range of IP addresses. DHCP uses this range to provide IP configuration to clients. |
| Set default gateway IP | To set the default gateway IP address, use the 'default-router [IP address of the default gateway]' command. |
| Set DNS server IP | To set the DNS server IP address, use the 'dns-server [IP address of the DNS server]' command. |
Create three DHCP pools by using the above configuration steps.
Switch(config)#ip dhcp excluded-address 10.0.0.1 10.0.0.10 Switch(config)#ip dhcp excluded-address 20.0.0.1 20.0.0.10 Switch(config)#ip dhcp excluded-address 30.0.0.1 30.0.0.10 Switch(config)#ip dhcp pool vPool10 Switch(dhcp-config)#network 10.0.0.0 255.0.0.0 Switch(dhcp-config)#default-router 10.0.0.1 Switch(dhcp-config)#dns-server 4.4.4.4 Switch(dhcp-config)#exit Switch(config)#ip dhcp pool vPool20 Switch(dhcp-config)#network 20.0.0.0 255.0.0.0 Switch(dhcp-config)# default-router 20.0.0.1 Switch(dhcp-config)# dns-server 8.8.8.8 Switch(dhcp-config)#exit Switch(config)#ip dhcp pool vPool30 Switch(dhcp-config)#network 30.0.0.0 255.0.0.0 Switch(dhcp-config)#default-router 30.0.0.1 Switch(dhcp-config)#dns-server 30.0.0.2 Switch(dhcp-config)#exit Switch(config)#
The following image shows the above configuration on the packet tracer.
Assigning IP addresses to VLANs
DHCP uses the IP address of a VLAN to determine the pool from which it should provide an IP configuration. To assign an IP address to the VLAN, use the following commands.
Switch(config)#interface vlan [vlan name or number] Switch(config-if)#ip address [ip address] [subnet mask]
Assign an IP address to each VLAN from the reserved IP address of the corresponding DHCP pool.
Switch(config)#interface vlan 10 Switch(config-if)#ip address 10.0.0.5 255.0.0.0 Switch(config-if)#exit Switch(config)#interface vlan 20 Switch(config-if)#ip address 20.0.0.5 255.0.0.0 Switch(config-if)#exit Switch(config)#interface vlan 30 Switch(config-if)#ip address 30.0.0.5 255.0.0.0 Switch(config-if)#exit Switch(config)#
The following image shows the above configuration on the packet tracer.
Configuring the router's interface
By default, different VLANs cannot communicate with each other. To allow communication between different VLANs, we have to connect them through a router. We don't need a dedicated router interface for each VLAN. Routers support interface virtualization. We can use a single router interface to allow communication between multiple VLANs.
To virtualize the Fa0/0 interface and to configure it to allow communication between different VLANs, use the following configuration on the router.
Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet 0/0 Router(config-if)#no ip address Router(config-if)#no shutdown Router(config-if)#exit Router(config)#interface FastEthernet 0/0.10 Router(config-subif)#encapsulation dot1Q 10 Router(config-subif)#ip address 10.0.0.1 255.0.0.0 Router(config-subif)#exit Router(config)#interface FastEthernet 0/0.20 Router(config-subif)#encapsulation dot1Q 20 Router(config-subif)#ip address 20.0.0.1 255.0.0.0 Router(config-subif)#exit Router(config)#interface FastEthernet 0/0.30 Router(config-subif)#encapsulation dot1Q 30 Router(config-subif)#ip address 30.0.0.1 255.0.0.0 Router(config-subif)#exit Router(config)#
The following image shows the above configuration on the packet tracer.
To learn how different VLANs communicate through the router in detail, you can check the following tutorial. It explains how to configure and use VLANs in detail.
VLAN Configuration Commands Step by Step Explained
Configuring and verifying DHCP clients
To configure a host as the DHCP client, click the host and click the Desktop menu option and click the IP configuration option and choose the DHCP option. If the DHCP server is properly configured, the DHCP client will receive the IP configuration in a few seconds.
The following image shows this procedure step by step.
If you prefer, you can use the ping command to test and verify connectivity between two hosts of different VLANs.
The following image shows how to use this command to test connectivity between PC1 and PC6. Since PC1 and PC6 belong to VLAN 10 and VLAN 30, respectively, a successful ping response verifies that both VLANs have proper connectivity.
Configured packet tracer lab
To download the configured lab of this example, use the following download link.
Configured packet tracer lab of the example
That's all for this part. In the next part of this tutorial, we will understand how to configure a DHCP server on a Cisco router.
