VLANs in OSPF network?

Scope of Inquiry:
I've supported heterogeneous networks for merely a decade, but never quite big enough to expose me to Enterprise routing/switching concepts in real-time. I've supported numerous Metro Ethernet hub and spoke topologies, as well as a few racks in a datacenter environment ... however, once again ... no real application of OSPF, EIGRP, etc. 
I'm learning some of the fundamental concepts of OSPF, adjacency, LSA types, etc... but one thing that has me tripped up is whether or not/how VLANs would be leveraged in a real-world scenario, in an OSPF environment.
Can anyone kindly give me a very clear and concise explanation/high-level explanation of the contextual application of VLANs in an OSPF network, including whether or not tags would exist in each area, etc. * Please do not pontificate --- that is to overstate a simple explanation with extraneous details that are outside the scope of a basic/real-world explanation. Hope that wasn't too terse, but I'm trying to gain a working knowledge of the protocol and its nuances quickly. 
Thanks!
-Data-

Hi, I am afraid you chose the wrong forum. This one is mostly about contact centers. You might have to send your question to Routing&Switching section.
G.

Similar Messages

  • How can I implement a backup 6500 that broadcasts the same OSPF networks?

    I feel as though the answer for this is extremely simple, but my routing experience is very minimal. We have a 6500 switch that shares about 10 OSPF networks, which is behind our 7200 router; and we have a spare 6500 we would like to put into place at our second location as a failover. Can I add the same OSPF networks to this second 6500, or will this cause issues since two switches will be broadcasting the same network?
    In the case that our core 6500 goes down, I would need the other 6500 to continue broadcasting these networks.

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    Yes, it's possible for two locations to advertize the same networks, but this implies that both locations can (normally) reach all the hosts on those networks (at either location).  Also, if there's some kind of failure, some hosts (like one location's hosts) often can no longer be reached.  That's normally ok, but what's normally not okay is for hosts on the same network to be partitioned.
    Also, when you start to have networks across locations, sometimes there's requirements for hosts to logically migrate to the site that still is advertizing the host's network.
    It can all get rather complicated depending on what exactly you're trying to accomplish.

  • Changing native vlan on running network

    I want to change the native VLAN on a running network. The network includes 30 switches. There is a loop-free topology.
    Unfortunately, the native VLAN is VLAN 1, which is also the management network.
    In my test environment:
     if I go to a switch and change the native VLAN from 1 to 100, STP will block the link for VLAN 1 and I lose my access to the switch, and then I have to go to the other side and change the native VLAN to 100.
    I just want to know the best practice for this situation.
    Thanks !

    Correct. As soon as you change it to 100, you will lose access to the devices since vlan 1 is used for management.  To shorten the down time, you can create vlan 100 and all the SVIs on all switches ahead of time and then change it from 1 to 100 in a maintenance window.
    HTH

  • Guest Vlan on unmanaged network

    I've bought some unifi wifi access points which I want to add to our network. We use a mix of cisco and netgear switches (I'll be phasing out the netgears over time). I'd like to make a guest vlan for the wifi, I'm just not sure how is best to do it, there are some details on a possible setup here.
    At the moment we have an unmanaged network so everything is using vlan1
    We use 2 Cisco Pix 515e firewalls (one as backup), they go directly to a switch, then we use a Windows server for DHCP. The config for firewall (fw1) the interface that connects to a switch is:
     speed 100
     duplex full
     nameif inside
     security-level 100
     ip address 192.168.135.248 255.255.192.0 standby 192.168.135.249
    on the switch it connects to called sw1 (C2950-I6Q4L2-M) the port is configured like so:
    interface FastEthernet0/15
     switchport mode trunk
     switchport nonegotiate
     speed 100
     duplex full
    Port Gi0/2 connects to the next switch which is a netgear GS748T (sw2) which then connects to various other switches
    interface GigabitEthernet0/2
     description Netgear GS748T
     switchport trunk allowed vlan 1-4
     switchport mode trunk
     switchport nonegotiate
     speed 1000
     duplex full
     flowcontrol receive desired
    (There are some other vlans created, not sure what they are for yet, I'm new here!)
    We've just bought a Cisco WS-C3650-24PS - sw3
    I was thinking of only plugging in the wifi access points into cisco switches only and creating a Vlan - Vlan20 and only allowing Vlan20 to specific ports if this is possible?
    I'm a beginner at this so the theory is there but not sure how to execute it!
    I'm thinking on the firewall fw1
    eth2
     speed 100
     duplex full
     nameif guest
     security-level 90
     ip address 192.168.0.248 255.255.255.0 standby 192.168.0.249
    on sw1 connect Gi0/2 to sw3 Gi1/1/1
    config to be
    switchport trunk allowed vlan 20
    switchport mode trunk
    switchport nonegotiate
    speed 1000
    duplex full
    sw3 will already have vlan1 going to it as part of the unmanaged network as it is connected to another switch on another port already.
    So my question is how do I setup the dhcp server on sw3 for vlan20 (192.168.0/24)
    And how would both vlans get sent to the wifi access points which are patched into sw3 but without vlan 20 traffic being sent other ports which do not have the ap's connected to them? I would also like to allow vlan20 to another cisco switch.
    Or if this is the wrong way of doing it let me know a better solution
    Apologies in advance if this is not making much sense!

    I actually use UniFi APs in our environment too, great little APs as long as you buy the Pro models (the standard ones have their shortfalls).
    I think your PIX config looks good (it's been a while since I've touched one so I'd have to login to the 525 I have at home to confirm). Just ensure it's configured to disallow traffic from your guest VLAN to the internet network, if memory serves there's an option that's on by default to disallow traffic from a higher security if to a lower.
    It may be better to configure Sw1/0/2 and Sw3/1/1/1 with all of your VLANs, if you want redundancy you can create a LAG between the two with multiple ports. If you use different links for different VLANs and down the road something happens and both of those ports become active on the same VLAN (i.e. you or someone else forgets that you're using different uplinks for different VLANs), if STP isn't set up properly you'll create a loop on that VLAN, potentially flooding the network with broadcast traffic.
    As for the UniFi config, you configure the ports that the APs connect to as trunks, I assume you'll be managing the APs over VLAN 1 so the ports should be VL1 untagged, VLAN 20 tagged.
    The UniFi Controller software is used to set up and manage the APs; if you haven't already done so, install it. Once you have it installed you want to create two SSIDs: one without VLAN tagging enabled, which will be your internal SSID, and another with VLAN tagging enabled for VL20, which will be your guest SSID. This way when a client connects to the Guest SSID the AP(s) will tag their traffic VLAN 20, so on ingress to SW3 the traffic will be tagged with the correct VLAN.
    The attached is a screen from my UniFi guest SSID config, you can also assign guests to a user group, which allows you to limit the bandwidth at the AP.
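The question in this thread (keeping VLAN 20 off every port that has no AP behind it) can be checked mechanically: a trunk with no `switchport trunk allowed vlan` line carries every VLAN, guest included. The following is an added example, not code from any poster; the sample config is constructed from the sw1 ports quoted above plus two hypothetical ports, and `audit_guest_vlan` and the approved-port set are assumptions of this example.

```python
# Added example: report which switch ports a guest VLAN can reach.
# SAMPLE_CONFIG is constructed. Fa0/15 and Gi0/2 follow the sw1 ports quoted
# in the thread; Gi0/3 (AP port) and Gi0/4 (desk port) are hypothetical.
SAMPLE_CONFIG = """\
interface FastEthernet0/15
 switchport mode trunk
 switchport nonegotiate
 speed 100
 duplex full
!
interface GigabitEthernet0/2
 description Netgear GS748T
 switchport trunk allowed vlan 1-4
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/3
 description UniFi AP (hypothetical)
 switchport trunk native vlan 1
 switchport trunk allowed vlan 1,20
 switchport mode trunk
!
interface GigabitEthernet0/4
 description user desk (hypothetical)
 switchport mode access
 switchport access vlan 1
"""

ALL_VLANS = frozenset(range(1, 4095))


def expand_vlans(spec):
    """Turn an IOS VLAN list such as '1-4,20' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def parse_switchports(config):
    """Return {interface: settings} using IOS defaults where nothing is set."""
    ports, cur = {}, None
    for raw in config.splitlines():
        words = raw.split()
        if raw.startswith("interface "):
            # Defaults: native VLAN 1, access VLAN 1, trunk allows all VLANs.
            cur = ports[words[1]] = {"mode": None, "native": 1, "access": 1,
                                     "allowed": set(ALL_VLANS), "explicit": False}
        elif not raw.startswith(" "):
            cur = None                      # '!' or a new top-level section
        elif cur is not None and words[:1] == ["switchport"]:
            if words[1:2] == ["mode"]:
                cur["mode"] = words[2]
            elif words[1:4] == ["trunk", "native", "vlan"]:
                cur["native"] = int(words[4])
            elif words[1:3] == ["access", "vlan"]:
                cur["access"] = int(words[3])
            elif words[1:4] == ["trunk", "allowed", "vlan"]:
                args = words[4:]
                cur["explicit"] = True
                if args[0] == "add":
                    cur["allowed"] |= expand_vlans(args[1])
                elif args[0] == "remove":
                    cur["allowed"] -= expand_vlans(args[1])
                elif args[0] == "except":
                    cur["allowed"] = set(ALL_VLANS) - expand_vlans(args[1])
                elif args[0] == "all":
                    cur["allowed"] = set(ALL_VLANS)
                elif args[0] == "none":
                    cur["allowed"] = set()
                else:
                    cur["allowed"] = expand_vlans(args[0])
    return ports


def audit_guest_vlan(config, guest_vlan, approved):
    """List (port, reason) pairs where the guest VLAN is misplaced."""
    findings = []
    for name, p in parse_switchports(config).items():
        if p["mode"] == "trunk":
            carries = guest_vlan in p["allowed"]
            if carries and name not in approved:
                why = ("allowed list includes it" if p["explicit"]
                       else "no allowed list, so the trunk carries every VLAN")
                findings.append((name, f"VLAN {guest_vlan} on unapproved trunk: {why}"))
            if name in approved and not carries:
                findings.append((name, f"approved port does not carry VLAN {guest_vlan}"))
            if name in approved and p["native"] == guest_vlan:
                findings.append((name, "guest VLAN is native, so it leaves untagged"))
        elif p["mode"] == "access" and p["access"] == guest_vlan and name not in approved:
            findings.append((name, f"unapproved access port in VLAN {guest_vlan}"))
    return findings


if __name__ == "__main__":
    for port, reason in audit_guest_vlan(SAMPLE_CONFIG, 20, {"GigabitEthernet0/3"}):
        print(f"{port}: {reason}")
```

Ports without an explicit `switchport mode` line are skipped, since their trunking state depends on negotiation and cannot be read from the config alone.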

  • VLAN for Wireless network

    Dear Team,
    If wireless is setup in a corporate network and there is no requirement to provide guest access to outside users, is it still recommended to segregate the Wireless network? What are the advantages for segregating wireless network considering that wireless users will have complete access to corporate network. Kindly share your views if the total number of users in office is less than 50.
    Reason is because, we do not have a Layer 3 switch, hence if VLAN is required for small number of users, we will have to enable it on the WAN router.
    Would appreciate if you can share any documentation related to best practices. Thank you.
    Regards,
    Manoj

    Hi Manoj,
    I agree with Scott,
    If you have same subnet for wired & wireless, then devices like Laptops will get same network IP for wired & wireless, client devices may not like that & sometimes may not work.
    It is always a good idea to have two separate networks for wired & wireless. From a scalability point of view, having an L3 switch in your network is always beneficial.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • Does CISCO C3560X VLAN support multiple Network segments which are further configured with HSRP function

    Hi Cisco experts,
        My name is Kumagai and I need your expert opinions below.
    I am trying to configure one VLAN1 support multiple network segments as below.
    (this should be a very straight forward configuration and should be OK, I think ? )
     interface Vlan1
     ip address 172.30.0.0 255.255.128.0
     ip address 172.30.31.253 255.255.254.0 secondary
     ip address 172.30.61.253 255.255.254.0 secondary
     ip address 172.30.71.253 255.255.254.0 secondary
     ip address 172.30.4.253 255.255.255.0 secondary
     The only issue that is eating me is the above network segments are using HSRP too
     and I am not sure is this possible with a combination of VLAN1 supporting multiples which are
     further supported with HSRP settings in Cisco environment.
    !example of HSRP:
    interface Vlan4
     ip address 172.30.4.253 255.255.255.0
     no ip redirects
     standby 4 ip 172.30.4.254
     standby 4 priority 105
     standby 4 preempt
    <<< what will happen if I add the HSRP configuration as below into the above VLAN1 with multiple Network segment ??)
     I would like to summarize my "Combined" configurations as below but I need your expert opinions on
     whether the configuration below is workable without any problem ??
     Or it is a total flop because Cisco does not support the configuration below !!!
     interface Vlan1
     ip address 172.30.0.0 255.255.128.0
     ip address 172.30.31.253 255.255.254.0 secondary
     ip address 172.30.61.253 255.255.254.0 secondary
     ip address 172.30.71.253 255.255.254.0 secondary
     ip address 172.30.4.253 255.255.255.0  secondary
     standby 30 ip 172.30.31.254
     standby 30 priority 105
     standby 30 preempt
     standby 60 ip 172.30.61.254
     standby 60 priority 105
     standby 60 preempt
     standby 70 ip 172.30.71.254
     standby 70 priority 105
     standby 70 preempt
     standby  4 ip 172.30.4.254
     standby  4 priority 105
     standby  4 preempt
    Thanking you in advance !!!!!

    Hi,
    As far as I know we don't set the ip helper address on the radio interface. It should be on the L3 interface of the corresponding VLANs, i.e.
    int vlan 20
    ip helper-address 192.168.33.xxx
    int vlan 60
    ip helper-address 130.20.1.xxx
    I'm assuming that you're using SVIs (int Vlan 20 and int Vlan 60) rather than physical interfaces. Also hope you have configured the switch port as a trunk where this AP is connected.
    Modify the AP config as below since you are using data vlan as the native vlan
    interface Dot11Radio0.20
    encapsulation dot1Q 20 native
    interface FastEthernet0.20
    encapsulation dot1Q 20 native
    Ideally your AP fastethernet configuration should look like below and not sure how you missed this as this comes by default when you have multiple vlans for multiple ssids.
    interface FastEthernet0.20
    encapsulation dot1Q 20 native
    no ip route-cache
    bridge-group 20
    no bridge-group 20 source-learning
    bridge-group 20 spanning-disabled
    interface FastEthernet0.60
    encapsulation dot1Q 60
    no ip route-cache
    bridge-group 60
    no bridge-group 60 source-learning
    bridge-group 60 spanning-disabled
    Hope this helps.
    Regards
    Najaf

  • 1941W Vlans on wirless network

    I am new to this integrated router and AP. I followed the basic config and have it working. I can get to any network from wireless or wired LAN to the internet.
    Now I want to set up a VLAN for the wireless side that cannot get to the wired LAN, just out to the internet.
    I tried a few things but I just don't understand the config well enough to do this.
    Can someone post a config?

    Hi,
    I have set up my 1941w in the same way as what you are trying.
    Look for my posts "working 1941w config" as I have attached a full working config with access control lists applied to the VLANS assigned to the wireless AP's.
    This example should help you finish off your config.
    Regards,
    John.

  • XR OS OSPF network command

    In IOS, to configure OSPF you had to issue
    network 10.0.0.0 0.63.255.255 area 0
    command under router ospf.  I don't see this option in XR OS.  What is the equivalent? 
    This is the config on ASR9K
    router ospf 10
    log adjacency changes detail
    router-id 192.168.254.13
    auto-cost reference-bandwidth 10000
    area 0.0.0.0
      interface TenGigE0/0/1/0
      interface TenGigE0/0/1/1
      interface TenGigE0/0/1/2

    Hi,
    In IOS, OSPF would be enabled on the interfaces whose IP addresses matched the network command, but in XR we configure OSPF differently. Entering the interface name under the area command would enable OSPF on the interface (OSPF routing will occur only when an IP address is configured on the interface).
    Looking at your configuration, I believe that OSPF should be enabled for the 3 Tengig interfaces. Take a look at "show ospf interface" to confirm this.
    Also, here is more information on configuring OSPF in XR,
    http://www.cisco.com/en/US/docs/routers/crs/software/crs_r4.2/routing/configuration/guide/b_routing_cg42crs_chapter_0100.html#task_1171983
    Thanks and regards,
    Rahul.

  • Actual purpose of native vlan in real network

    Hi,
    Somebody please explain to me what the actual purpose of the native VLAN is in real scenarios. I have read many documents related to native VLAN and I know it will never tag the VLANs. But I want to know in which situations to configure a native VLAN in our real network.
    thanks in advance..
    Regards
    Prajith

    The native VLAN is simply tagged to all traffic on a trunk link that does not already have an 802.1q tag.  Some people use this for security purposes setting the native VLAN to a VLAN that is shutdown/disabled so untagged traffic essentially gets dropped.  Another application of where I've seen native VLANs used is on access point trunk ports where the management VLAN is set to native so the AP gets an IP address from it.

  • Company merger - bgp/ospf networks

    Hello Community!
    My company recently merged with a small service provider that runs BGP/OSPF within their AS. We run the same protocols internally as well. I'm looking for some direction in merging the two networks. As of now, we have to keep our IP assignments separate and treat each network as its own entity. I would like to eventually merge the two networks so we have one AS. I'm hoping someone in the community has experience with this type of change and would be able to provide some help/direction. I'm sure redistribution will be used, but I don't know how to start or where. Any basic guidelines to follow or config examples would be greatly appreciated.
    Thank you

    Dealt with a company merger several years ago.  Found VRF and double NAT useful tools.  VRF allowed insertion of company's network onto acquired company's network infrastructure while still keeping them isolated.  Double NAT allow communication between overlapping IP addresses during transition.

  • Adding VLAN to Po-Group and OSPF routing what is the correct way?

    Hi Community,
    I recently had an issue that brought down the links between a couple of switches...luckily this was done after hours and I did not save the config so was able to revert back.
    The basic scope of my project is:
    We are running out of IPs on the 192.168.1.0/24 subnet so wanted to create a separate VLAN/subnet for physical workstations.
    Here is what I originally did:
    1) On our core switch; (Switch1) 
         Create the VLAN,
         VLAN interface,
         DHCP pool,
         excluded addresses
    2) On second  switch (Switch 2)
         Add VLAN name, no interface
    3) I then updated the PO-group on Switch1 with new VLAN  (this brought down the link before I was able to finish my config)
        Therefore I was not able to complete the following:
              add vlan to spanning-tree or updated OSPF routing
    Here is what I assume to be the correct order?
    1) On Core Switch (Switch 1)
         Create VLAN
         VLAN interface
         DHCP pool
         excluded addresses
         add vlan to spanning-tree
         add vlan (passive interface) and subnet to OSPF routing
    2) On Switch 2
         Add vlan name/interfaces with no ip
    3) Update PO groups after the above has been configured
         Add new VLAN to Po-Group on Switch 2
         Add new VLAN to Po-Group on Switch 1
    4) Last steps
         Updated specific access ports with new VLAN and test
         upon completion of testing, update all other access ports connected to workstations with new VLAN
    Questions:
    Did my links go down because I added new VLAN to Po-group BEFORE  updating spanning-tree and OSPF routing?
    Can anyone verify the order as outlined in the section "Here is what I assume to be the correct order"

    So the order in which to apply TASKS is correct?
    also just to clarify the following TASK  based on your comments.
    Step 4- Add new VLANs to OSPF as passive interface
    On Switch 1 (core)
    We have this line of code
    router ospf 100
    router-id 192.168.1.10
    log-adjacency-changes
    passive-interface Vlan10
    passive-interface Vlan30
    passive-interface Vlan50
    passive-interface Vlan500
    network 192.168.0.2 0.0.0.0 area 0
    network 192.168.1.10 0.0.0.0 area 0
    network 192.168.30.254 0.0.0.0 area 0
    network 192.168.33.254 0.0.0.0 area 0
    network 192.168.51.254 0.0.0.0 area 0
    network 192.168.99.5 0.0.0.0 area 0
    network 192.168.200.254 0.0.0.0 area 0
    TASK: OSPF - Add new VLANs(40 & 41) to OSPF as Passive Interface
    ******* Begin Here  *********
    config t
    router ospf 100
    passive-interface vlan40
    passive-interface vlan41
    !WE SHOULD ADD THIS LINE OF CODE
    network 192.168.40.254 0.0.0.0 area 0
    network 192.168.41.254 0.0.0.0 area 0
    ******* End Here  *********
    RESULT:
    router ospf 100
    router-id 192.168.1.10
    log-adjacency-changes
    passive-interface Vlan10
    passive-interface Vlan30
    passive-interface Vlan40
    passive-interface Vlan41
    passive-interface Vlan50
    passive-interface Vlan500
    network 192.168.0.2 0.0.0.0 area 0
    network 192.168.1.10 0.0.0.0 area 0
    network 192.168.30.254 0.0.0.0 area 0
    network 192.168.33.254 0.0.0.0 area 0
    network 192.168.40.254 0.0.0.0 area 0
    network 192.168.41.254 0.0.0.0 area 0
    network 192.168.51.254 0.0.0.0 area 0
    network 192.168.99.5 0.0.0.0 area 0
    network 192.168.200.254 0.0.0.0 area 0
    Better??
    Again thanks...your feedback has been a tremendous help!
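The matching rule stated in the XR thread above (on IOS an interface runs OSPF when its address matches a `network` statement) and the passive-interface task in this thread can be audited together: any matched SVI that is not passive sends hellos onto a user VLAN and can form an adjacency there. The following is an added example, not code from any poster; the interface addresses are constructed because the thread does not show them, and `unexpected_active` and its `transit` set are hypothetical names. It reads running-config style interface names and primary addresses only.

```python
import ipaddress

# Constructed sample. The router ospf lines reuse statements quoted in the two
# threads; the interface blocks are hypothetical. Vlan41 is deliberately left
# out of the passive list to show what the audit reports.
SAMPLE_CONFIG = """\
interface Vlan30
 ip address 192.168.30.254 255.255.255.0
!
interface Vlan40
 ip address 192.168.40.254 255.255.255.0
!
interface Vlan41
 ip address 192.168.41.254 255.255.255.0
!
interface Vlan99
 ip address 192.168.99.5 255.255.255.0
!
interface TenGigabitEthernet1/1
 ip address 10.20.0.1 255.255.255.252
!
router ospf 100
 router-id 192.168.1.10
 passive-interface Vlan30
 passive-interface Vlan40
 network 192.168.30.254 0.0.0.0 area 0
 network 192.168.40.254 0.0.0.0 area 0
 network 192.168.41.254 0.0.0.0 area 0
 network 192.168.99.5 0.0.0.0 area 0
 network 10.0.0.0 0.63.255.255 area 0
"""


def wildcard_match(ip, net, wildcard):
    """IOS 'network <net> <wildcard>': bits set in the wildcard are ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & care) == (int(ipaddress.IPv4Address(net)) & care)


def parse_ospf(config):
    """Collect primary interface addresses and the router ospf statements."""
    addrs, networks, passive, forced_active = {}, [], set(), set()
    default_passive, section = False, []
    for raw in config.splitlines():
        words = raw.split()
        if not words:
            continue
        if not raw.startswith(" "):
            section = words                 # e.g. ['interface', 'Vlan30']
        elif section[:1] == ["interface"]:
            if words[:2] == ["ip", "address"] and "secondary" not in words:
                addrs[section[1]] = words[2]
        elif section[:2] == ["router", "ospf"]:
            if words[0] == "network":
                networks.append((words[1], words[2], words[4]))
            elif words == ["passive-interface", "default"]:
                default_passive = True
            elif words[0] == "passive-interface":
                passive.add(words[1])
            elif words[:2] == ["no", "passive-interface"]:
                forced_active.add(words[2])
    return addrs, networks, passive, forced_active, default_passive


def ospf_interfaces(config):
    """Map each OSPF-enabled interface to its area and passive state."""
    addrs, networks, passive, forced_active, default_passive = parse_ospf(config)
    result = {}
    for ifname, ip in addrs.items():
        for net, wildcard, area in networks:    # first matching statement wins
            if wildcard_match(ip, net, wildcard):
                is_passive = ifname in passive or (
                    default_passive and ifname not in forced_active)
                result[ifname] = {"area": area, "passive": is_passive}
                break
    return result


def unexpected_active(config, transit):
    """OSPF-enabled, non-passive interfaces that are not known transit links."""
    return sorted(name for name, state in ospf_interfaces(config).items()
                  if not state["passive"] and name not in transit)


if __name__ == "__main__":
    print(unexpected_active(SAMPLE_CONFIG, {"TenGigabitEthernet1/1", "Vlan99"}))
```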

  • OSPF and VLANs

    Hmm, don't know if I can briefly provide such a description.  Currently, I work in a large company (about 100,000 employees [with about 5,000 Enterprise switches and routers]) and my purview is about 10% of our Enterprise's switches and routers.  My sites range in size from just supporting a few hosts to thousands of hosts, equipment "sizes" range from Cisco 800 series ISRs, up to 6500s in VSS pairs.
    From a VLAN standpoint, VLANs generally provide subnets for hosts which also range in size from a /29 up to a /23.  VLAN/subnets are defined principally for like hosts and sized for the number of like hosts.  However, generally like host VLANs/subnets are split into multiple like VLANs/subnets once you get up to about a /24.
    A VLAN/subnet might only be hosted on one large chassis (4510 or 6509/6513) or it might be hosted on multiple L2 switches (2Ks/3Ks).  Generally (but not always) VLANs/subnets do not span multiple sites.
    At the moment, all sites within a region, generally one or more adjacent US States, are grouped into the same OSPF area.  I.e. such a region might have 50 to a couple of hundred OSPF "routers" in the same area.
    Originally area zero was used to tie the region areas together, but currently BGP is used with the WAN core (between regions).
    OSPF, per area, of course has all the subnets being hosted by VLANs and also all the (numbered) p2p links (per region/OSPF-area networks can run into a couple of hundred).
    LAN designs are generally just 1 or 2 layers, this because you can host so much on a large chassis or stack.  For example, at one of my larger sites, my user edge devices are 3 6509s with 96 port line cards.  As the users ports support both VoIP and data VLANs, a single data or VoIP VLAN spans two line cards (i.e. 192 ports).  So with 7 user line cards, the chassis hosts 4 data VLANs/subnets(/24) and 4 VoIP VLANs/subnets(/24).  As the 6509 has a L3 sup, the 8 chassis subnets are included in that device's OSPF router section and advertized to the rest of the OSPF area (via a dual gig, L3 Etherchannel, uplinked to a site core 6509 - the latter having two 10g SM off-site OSPF p2p fiber links).
    At a small (old technology) branch, I might have a "ring" of several 2K series switches.  For routing I'll have some 3K switch with an off-site gig link and a connection to one of the 2K switches.  I might also have a small ISR with a VPN tunnel, for off-site, with a connection to a different 2K switch.  There will be one to several VLANs/subnets defined on the 2K switches and 3K switch.  The ISR will indirectly have access to the VLANs via .q subinterfaces.  The 3K and ISR provide the subnet gateways and include the VLAN/subnets into OSPF.  They also generally will run HSRP for the VLAN/subnet gateway IP.
    At a small (newer technology) branch, may have a L3 stack and an ISR.  One stack member has the high speed off-site gig link, the ISR connects to a different stack member.  However, the ISR now has a L3 routed p2p link to the L3 stack; there's no HSRP.  Yet, VLANs/subnets are pretty much as the above (paragraph).
    Hopefully the above gives you a view into some real world, large scale, with VLANs and OSPF.
    If you have additional questions, feel free to ask.

  • 6500 FWSM ipv6 ospf routing equal network cmd

    Hi
    As I understand there is no "network" cmd in cisco 6500 ipv6 OSPF config, we need to use "ipv6 ospf procid# area #" under interface. I need to config 6500 FWSM to work on OSPF, can anyone help to point out how to configure FWSM ipv6 OSPF? and what are the equal cmds to config OSPF network?
    Thanks in advance.
    gy

    Your configurations are not making much sense.
    You have the same vlan interfaces with the same IP addresses on all devices and multiple static routes for 192.168.1.0/24.
    This is what you should change -
    1) the clients only connect to MSHQ3 so remove all vlan interfaces off all the other switches for the client vlans.
    Also remove the server vlan interface off MSHQ3
    2) the server vlan only connects to MSHQ4 so remove the server vlan off all other switches and remove all the client vlan interfaces off MSHQ4
    3) interconnect all your switches with L3 links because you are routing vlans locally on MSHQ3 and MSHQ4 so there is no need for any L2 links between switches.
    Note also in a true routed design MSHQ3 should not connect to MSHQ4 ie. traffic between those devices goes via MSHQ1 and MSHQ2
    4) remove all static routes for 192.168.1.0/24 from all devices
    5) run OSPF on all devices and only advertise the locally connected subnets off each device.
    For the switch interconnects use new IP subnets, don't reuse any of your existing vlan subnets.
    If you do all of the above then you have a routed access design with your distribution switches, MSHQ1 and MSHQ2 routing between access layer switches and the router.
    If you are trying to achieve something else other than a routed access layer design then please come back and clarify.
    But either way what you have now is not good and will not work properly.
    Jon

  • Cannot do nslookup from users after implemented VLAN on network

    Hi all,
    We just implemented VLANs (6 VLANs) on our network and it works fine. All traffic from different VLANs is routed by the L3 switch. We have a 3750 switch which acts as the L3 switch and 2970 and CE500 as access switches.
    The issue is that when clients try to do nslookup on the local DNS they can't get a reply. Our clients are very dependent on the AD, which in turn also needs DNS to query the DC.
    But prior to implementing VLANs, when we were running on a flat network, we hadn't experienced this issue.
    Please see attached L3 config for reference.
    Any inputs will be highly appreciated.
    ursulo

    Hi Ursulo
    You don't need the ip domain-lookup command on the switches/routers if you don't want it - it won't have any effect at all on whether your clients work.
    Presuming you have your DNS servers set correctly on your client PCs, you should probably try the following steps:
    1) On a client PC on a new VLAN with the problems, type nslookup. Then try entering a server name - try it on its own (i.e. server1) and as an FQDN (server1.domain.co.uk). Record the results.
    2) On your DNS server, try an NSLOOKUP same as before, but point it to itself (once in NSLOOKUP, type 'server 192.168.1.230' if it doesn't have itself as the primary DNS). Record these results.
    This should confirm whether the DNS server is responding at all, and whether it is responding from the new VLAN.
    A few other questions:
    1) What type of client PCs do you have?
    2) What DNS servers do you have assigned to the NICs on your DNS servers and DCs?
    3) In your DNS management MMC, enable view/advanced features. Do you have folders containing SRV records for your DCs/GCs etc in your domain DNS zone?
    Often people have misconfigured DNS setups with AD, but don't know it because they have flat LANs and NetBIOS will resolve the names and domains via broadcast. Suddenly when they go to a routed network things stop working.
    You should also have WINS configured on your network - install this service on your DNS servers, and configure all servers and clients to use the service. It's a common misconception that WINS isn't needed anymore - whilst Windows itself shouldn't need it, some applications (e.g. Outlook) require it for some functions.
    Hope this helps
    Aaron
    Please rate helpful posts...

  • Trying to create guest network on wap321 and sg200-50p using VLAN

    I have a SG200-50P and a WAP321. I am trying to create a guest wireless network using a separate VLAN on the WAP321. I have the production traffic on VLAN 1 and the guest network is on VLAN 100.
    The WAP321 is plugged in to port 7 on the switch. It is configured as follows:
    Trunk Port, 1UP, 100T, Ingress filter enabled
    The DHCP server is on port 22 and is configured as follows:
    Trunk Port, 1UP, 100T, Ingress filter enabled
    The production wireless client is able to work fine on VLAN 1.
    When I try to connect a device using the Guest network, the DHCP request does not appear to ever make it to the DHCP server. If I separate the Production network off of VLAN 1 and change the Untagged VLAN ID to a different VLAN than 1 (Management VLAN ID), the same thing happens to the client when it tries to get an IP address from DHCP.
    What am I missing here?

    I have the VLANs configured on the WAP321. VLAN 1 is the Mgmt and general VLAN and the VLAN is configured for the Guest network. I did a Wireshark trace and for some reason the packets for VLAN 100 (Guest network) on the WAP321 are not getting to the DHCP server. I see them on the WAP321 using the packet capture, but there is not any response to them. I do not see them coming in at the DHCP server.
    When I connect to the WAP321 using the production SSID I see the same packets at the AP and also coming in to the DHCP server. That is why I am so confused. I can't figure out why they do not get to the server. I was wondering if I have something configured wrong on the SG200, but this is new territory for me and I do not know what I am missing. I have taken some screen shots of the SG and WAP config screens in case it might help.
