Add helper-addresses in the voice VLAN for your DHCP server IP.Your default gateway should be the switch. Your default gw for anything that needs to communicate across VLANs should be that interface ip.Create a VLAN interface and IP address on the voice VLAN.This can be accomplished by enabling routing on the switch.Is there any reasonable way to configure routing on the managed switch such that udp traffic to and from the dhcp server gets routed across vlans and everything else out-of-subnet gets forwarded on to the watchguard? I've setup routes that seem like they would accomplish this, but it never seems to work quite right. (Routing between vlans and to external net all handled on Watchguard.) Is this accurate? The only traffic that needs to be routed between vlans is DHCP packets, so there's not really a bottleneck issue.
#Router on a stick and vlan full#
I was told by a dell rep that configuring limiting routing between the vlans as well as to the watchguard would be problematic and that my best option is to go with a full router-on-a-stick configuration. The packet from the DHCP server on the data vlan to the voice vlan virtual router never makes it to the voice vlan, for a fairly obvious reason: IP is outside the local subnet, so it gets forwarded to the default gateway (on the watchguard) which then bounces it back. The DHCP server processes the request and then tries to respond with a Unicast DHCP Offer packet directed to the ip of the virtual router on the voice vlan. With DHCP relaying enabled, DHCP Discover broadcasts are intercepted from the voice vlan and converted to unicast UDP packets from my switch to the DHCP server on data vlan. Initially I figured I'd just use IP Helper / DHCP Relaying.
#Router on a stick and vlan windows#
Currently the DHCP server is on a Windows Server 2008 R2 machine attached to the Data VLAN. Where I've run into problems is with my DHCP server. The Powerconnect switches have a nice "Voice Vlan" feature that seems to do exactly that: it automatically detects packets coming from the phones and tags them with the vlan id of my choice at the switch. Because of port limitations, computers are plugged into the phones, and the phones are plugged into the wall.įor various reasons, I'd like to segment the voice traffic on it's own vlan. We've recently installed Polycomp SoundPoint 335 Voip handsets. Currently all devices connected to the switch are in the same vlan and the default gateway is the watchguard. I have 2 Powerconnect 62xx switches stacked with a Watchguard XTM-26 between them and the outside world.