Setting Up VLANs within a bare-bones Microsoft Windows Server 2016

90Ninety

New Member
I have been 'playing' with VLANs within a physical lab environment for some time (several Cisco switches, routers and computers). I am able to set up trunks between switches and routers, and access ports for computers and devices; this I understand.

However, I want some clarification on how to configure Microsoft server with multiple DHCP scopes for different VLANs. My understanding is:
  • When deploying Microsoft server with multiple DHCP scopes over different networks, the server will need multiple VLAN interfaces; these can be physical or logical. When there are several physical NIC interfaces, each of the LAN ports should be connected to the switch, one for each subnet/VLAN.
  • Logical virtual NICs can also be used. If using only one physical NIC, VLAN interfaces have to be created within a vendor-specific software application (e.g. Intel/Realtek/Dell/white-label) and are not part of the stock operating system.
  • NIC teaming is not needed for VLANs, and is only required for fail-over and load balancing.
I have been trying for a few weeks to get computers over several VLANs authenticated by the server. My current desktop server (a re-purposed Dell desktop) with a Realtek RTL8168E Ethernet controller has its own software application called 'Realtek Ethernet Diagnostic' where VLANs are created; this works with the DHCP server, though it's intermittent and not officially supported by Windows Server. I am planning on finding a more suitable PCIe Ethernet controller, if my understanding is correct?
 

Neemobeer

Windows Forum Team
Staff member
What type of switch? Many have a feature like Cisco's helper IP which can ID DHCP requests and forward them to your DHCP so you don't need multiple VLANs on the DHCP server.
 

90Ninety

New Member
Neemobeer said: "What type of switch? Many have a feature like Cisco's helper IP which can ID DHCP requests and forward them to your DHCP so you don't need multiple VLANs on the DHCP server."
Hi

Thanks for your input. I have SG300s. I have also heard that I only need one VLAN on the server, but I have also heard the contrary here on another external forum (Linksys). I have enabled the DHCP relays and did test the server on the one VLAN, but I couldn't get IP addresses to the other VLANs.
 

90Ninety

New Member
OK, but on the switch I need to create a trunk to the server, right? Tagging all VLANs required?

I have already enabled the DHCP relay. I will try to reconfigure again.
 

90Ninety

New Member
Shown is a diagram showing the whole concept; on the right is the 'Proposed' network that I have been working on within a 'lab' (network separated logically using VLANs and subnets). Please bear in mind that the current router serves IP addresses to the workgroup network (used for business, it is on VLAN 1) on the left. Basically I want to start moving computers from the workgroup network over to a managed domain network.

[Image: network 1.6ii.PNG]

I have been trying for some time to get this working, but I am clearly doing something wrong. As the DHCP services both stopped, I believe both the DHCP servers could detect each other and caused them both to misbehave, despite being on different subnets and separate VLANs.

Below shows the VLANs on the Cisco SG300 managed switch. This all looks OK to me.

[Image: vlan members.PNG]

And the DHCP relays are enabled for the VLANs, and pointing at the Windows DHCP server.

[Image: dhcp relay config1.PNG]

[Image: dhcp relay 2.PNG]

Can anyone give me further guidance? Really wracking my brains here.
 


Neemobeer

Windows Forum Team
Staff member
The only port that may need to be a trunk is the one to the router if it supports multiple VLANs; otherwise they should be access VLAN ports. Also, if you have DHCP snooping enabled you need to set the DHCP server as trusted for DHCP.
 

90Ninety

New Member
Neemobeer said: "The only port that may need to be a trunk is the one to the router if it supports multiple VLANs; otherwise they should be access VLAN ports. Also, if you have DHCP snooping enabled you need to set the DHCP server as trusted for DHCP."
Thanks for the confirmation on the trunk; this is how it has been configured at the time of writing and in the network diagram above.

Neemobeer said: "Also, if you have DHCP snooping enabled you need to set the DHCP server as trusted for DHCP."
So today I enabled just the trusted snooping interface on port #23 (as below), though the relay is still not yet working.

[Image: Trusted snooping.PNG]


Just to recap: as you have noticed above, I have enabled the DHCP relay and specified to relay packets to the VLANs outside of the server's native VLAN (VLAN 3). So in theory I am asking the switch to relay between the VLAN 3 and VLAN 4 broadcast domains, for the computers attached to access ports on VLAN 4 and the server on VLAN 3. My attempt at this is as shown in the capture of the VLAN configuration screen above. I have put both VLAN #3 and VLAN #4, though I am thinking that only VLAN #4 is needed here?

As a test (shown below), I have tried adding interface ports (as well as the previously added VLANs) to the DHCP relay table: port GE23 (VLAN 3 server) and port GE4 (VLAN 4 client, access). Though this made no difference.

[Image: DHCP relay interface settings.PNG]

On a side note, I am however getting IP addresses on the server's native VLAN access ports (VLAN #3). Any other suggestions of things I can do/check? Much appreciated.
 

90Ninety

New Member
FWIW I can set a static IP for VLAN 4 and get internet and contact the server. I have opened another thread on the Cisco forum also, but it seems it is a problem between the DHCP server and the switch.
 

Neemobeer

Windows Forum Team
Staff member
I'd say on one of the devices on VLAN 3 or 4 install Wireshark. Flush DNS and then capture the DHCP process and PM it to me.
 

90Ninety

New Member
Most of the guidance around DHCP helpers and relays tends to be for Cisco enterprise switches; the guidance for these enterprise switches is to have IP addresses/IP interfaces for each network on the switch itself, and an IP helper address.
However, I have a 'Small Business Switch', so the interface and options are somewhat different. However, it is possible to add interfaces to the switch I have and even inherit these from a DHCP server with a VLAN selector. I tried this, but it seems even the switch does not get an interface IP from the VLAN 4 scope, yet it does from the VLAN 3 scope.

[Image: Interfacecisco.PNG]
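
What to check in the DHCP capture suggested earlier in the thread, and why the relay guidance asks for an IP interface per network: a relay agent writes its own address on the client's network into the giaddr field, and the DHCP server selects the scope from that field. This is an added example, not part of the thread; the subnets, server address and MAC are constructed assumptions, and the sample packet is built inline rather than captured.

```python
import ipaddress
import struct

# Assumed lab addressing (the thread gives none): one DHCP scope per VLAN.
SCOPES = {
    "VLAN 3": ipaddress.ip_network("192.168.3.0/24"),
    "VLAN 4": ipaddress.ip_network("192.168.4.0/24"),
}
SERVER_NIC = ipaddress.ip_address("192.168.3.10")  # assumed server address
MAGIC = b"\x63\x82\x53\x63"                        # DHCP magic cookie
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def parse_dhcp(payload: bytes) -> dict:
    """Decode the BOOTP header fields and DHCP option 53 from a UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    op, _htype, hlen, hops = struct.unpack("!BBBB", payload[:4])
    msg = {"op": op, "hops": hops, "type": None,
           "giaddr": ipaddress.ip_address(payload[24:28]),
           "mac": payload[28:28 + min(hlen, 16)].hex(":")}
    i = 240
    while i + 1 < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:                            # 0 = pad, no length
            i += 1
            continue
        code, length = payload[i], payload[i + 1]
        if code == 53 and length == 1 and i + 2 < len(payload):
            msg["type"] = MSG_TYPES.get(payload[i + 2])
        i += 2 + length
    return msg


def select_scope(msg: dict):
    """Choose a scope by giaddr if relayed, else by the receiving interface."""
    anchor = msg["giaddr"] if int(msg["giaddr"]) else SERVER_NIC
    return next((n for n, net in SCOPES.items() if anchor in net), None)


def build_discover(mac: bytes, giaddr: str = "0.0.0.0", hops: int = 0) -> bytes:
    """Constructed sample DISCOVER standing in for a captured packet."""
    hdr = struct.pack("!BBBBIHH", 1, 1, 6, hops, 0x1234ABCD, 0, 0x8000)
    hdr += bytes(12) + ipaddress.ip_address(giaddr).packed  # ci/yi/si, giaddr
    return hdr + mac.ljust(16, b"\0") + bytes(192) + MAGIC + b"\x35\x01\x01\xff"


if __name__ == "__main__":
    mac = bytes.fromhex("001122334455")                     # constructed MAC
    for gi in ("0.0.0.0", "192.168.4.254", "10.0.0.1"):
        m = parse_dhcp(build_discover(mac, gi, hops=int(gi != "0.0.0.0")))
        print(gi, m["type"], m["hops"], "->", select_scope(m))
```

In a capture taken at the server, a DISCOVER from a VLAN 4 client should show a giaddr inside the VLAN 4 scope; a giaddr of 0.0.0.0 or one outside every scope means the server has nothing to match it against.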
 