here i used the recommendations of making the DHCP server an external server and just use the command IP helper X.X.X.X in cisco 4500X under each interface vlan to relay DHCP to hosts in this vlan , so that i can get IP on the host machine but when i try to ping machine in other vlan which also obtain its ip from this DHCP server , ping is time out . when i disable ip helper command and make my core switch as DHCP server for each vlan ,inter-vlan routing work probably and i could ping remote host in other vlans .
note i did same configuration on the DR site on cisco 4506 core switch and it's work probably.
Problem with Inter VLAN Routing with IP Helper
ciscointerfacevlan
Related Solutions
After a few tests, I found the solution and it's working. My first configuration was incomplete.
Here a working configuration :
vlan 10
name vlan_10
private-vlan primary
!
vlan 20
name vlan_20
private-vlan primary
!
vlan 30
name vlan_30
private-vlan primary
!
! Isolated VLAN: Connects all CPE hosts to Switch
!
vlan 11
name Pvlan_11
private-vlan isolated
!
vlan 21
name Pvlan_21
private-vlan isolated
!
vlan 31
name Pvlan_31
private-vlan isolated
!
! Associating
!
vlan 10
private-vlan assoc 11
!
vlan 20
private-vlan assoc 21
!
vlan 30
private-vlan assoc 31
!
! Isolated/Access port
!
interface GigabitEthernet1/1
switchport private-vlan trunk native vlan 11
switchport private-vlan trunk allowed vlan 11,21,31
switchport private-vlan association trunk 10 11
switchport private-vlan association trunk 20 21
switchport private-vlan association trunk 30 31
switchport mode private-vlan trunk secondary
!
! Promiscuous port (interconnect switchs)
!
interface TenGigabitEthernet1/1
switchport private-vlan trunk native vlan 10
switchport private-vlan mapping trunk 10 11
switchport private-vlan mapping trunk 20 21
switchport private-vlan mapping trunk 30 31
switchport mode private-vlan trunk promiscuous
Based on @TeunVink's comments, Problem 1 was fixed.
Below are the methods I have used for setting up the management interface.
I chose not to use VLAN 1 for management, as per many recommendations. So I cleared IPs from VLAN 1 and Management Console (Fastethernet0), as:
conf t
int vlan 1
no ip address
exit
int fa0
no ip address
exit
Assuming that VTP is enabled is working between Core and Access switches:
Create a separate management vlan in the core switch. E.g. VLAN 10
conf t
vlan 10
name management
exit
Assign IP address to this vlan
int vlan 10
ip address 10.0.10.1 255.255.255.0
exit
Then connect to the 2960 access switch via console and verify the vlan 10 is present there using show vlan command. It should be there as the VTP already would have taken care of distributing it. Now assign ip separately here for vlan 10 in the access switch as:
conf t
int vlan 10
ip address 10.0.10.2 255.255.255.0
exit
Configure ssh by following this link.
That's it. Now Ping 10.0.10.2 from other vlans to the Access switch. Should be good to go.
This link can be treated as an excellent reference for this purpose.
Best Answer
IP helper should not make any routing difference , so you need to check the provided IP settings by DHCP if it is right or not , you need to check two things: