Yeah, I have been debating this myself. I will probably be doing this next weekend (I am just debating on if I should use the existing FreeNAS VM I have already and set it up in there (cons being that I don't think it saves the config on updates, so I would need to do that manually and restore each time), or just bit the bullet and configure another VM just for DNS/DHCP (maybe rsyslog as well)).
yes, and even then you aren't guaranteed to have ARP entries on the switch for every device in that VLAN, they'll have to talk to that switch IP first to generate an entry. The place to check arp tables is pretty much *always* the router/gateway for said subnet. In your case it sounds like that's pfsense/opnsense (Diagnostics > ARP Table). trying to move this functionality to a layer 2 device in your network is indeed a pretty bizarre use case
it just completely depends on the device/software on the other end. some devices behave normally and won't send out an ARP response with it's IP info unless it sees an arp request directed at it from said device (your switch), others will send gratuitous arps (arp responses that weren't provoked by an arp request), gARP messages are also broadcast instead of unicast, so they'll get picked up and entered into the arp table of everything in the subnet, including your switch
Not only that, but they tend to flood the network with a lot of multicast/broadcast traffic (as for example, every discovery that runs on top of mDNS, such as Chromecast and Bonjour, to name a few). Usually, multicast flows are being sent to the switch CPU for IGMP Snooping and flow control, so it can obtain a IP-MAC address tuple, ie. an ARP entry.
If you have a used switch: not without using the instructions in the first post. There is no reset switch / procedure for the 6450.
I have serial access to the switch, as well as through the mgmt port. I just don't know how to enable the dhcp client for all or at least one interface.
You have to enable on a router interface, not on a port (unless it is a pure layer 3 interface, ie. "no switchport"), and the interface tied to your DHCP server must be an untagged member of the same VLAN that contains the router interface.
Please check if you have already a VE defined on this VLAN, and it should, as you said that it took an IP address.
Yes, but you have to enable "dual mode" on an interface to make it accept both tagged and untagged frames. It is written on the documentation that @fohdeesha made available on the first page.
You can't have a VLAN as tagged and untagged at the same time. This is normal.
conf t
int ethe 1/1/1
dual modeSSH@icx645024p(config-if-e1000-1/1/1)#show int e 1/1/1
GigabitEthernet1/1/1 is up, line protocol is up
Port up for 3 hour(s) 43 minute(s) 27 second(s)
Hardware is GigabitEthernet, address is cc4e.2451.cc60 (bia cc4e.2451.cc60)
Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx
Configured mdi mode AUTO, actual MDIX
Member of L2 VLAN ID 1, port is untagged, port state is FORWARDING
BPDU guard is Disabled, ROOT protect is Disabled, Designated protect is Disabled
Link Error Dampening is Disabled
STP configured to ON, priority is level0, mac-learning is enabled
Flow Control is config enabled, oper enabled, negotiation disabled
Mirror disabled, Monitor disabled
Mac-notification is disabled
Not member of any active trunks
Not member of any configured trunks
No port name
Inter-Packet Gap (IPG) is 96 bit times
Internet address is 10.0.10.202/24, MTU 1500 bytes, encapsulation ethernet
300 second input rate: 9632 bits/sec, 7 packets/sec, 0.00% utilization
300 second output rate: 1504 bits/sec, 1 packets/sec, 0.00% utilization
136542 packets input, 18555997 bytes, 0 no buffer
Received 51299 broadcasts, 77567 multicasts, 7676 unicasts
0 input errors, 0 CRC, 0 frame, 0 ignored
0 runts, 0 giants
7784 packets output, 2635763 bytes, 0 underruns
Transmitted 11 broadcasts, 0 multicasts, 7773 unicasts
0 output errors, 0 collisions
Relay Agent Information option: Disabled
Egress queues:
Queue counters Queued packets Dropped Packets
0 0 0
1 0 0
2 0 0
3 0 0
4 0 0
5 0 0
6 0 0
7 0 0SSH@icx645024p(config-if-e1000-1/1/1)#show int ve 1
Error - ve 1 was not configuredSSH@icx645024p(config-vlan-1)#router-interface ve 1
error - IP routing, vrf, ip policy or route-only was configured on ports 1/1/1SSH@icx645024p(config-vlan-200)#show vlan
Total PORT-VLAN entries: 2
Maximum PORT-VLAN entries: 64
Legend: [Stk=Stack-Id, S=Slot]
PORT-VLAN 1, Name DEFAULT-VLAN, Priority level0, Spanning tree Off
Untagged Ports: (U1/M1) 1 4 5 6 7 8 9 10 11 12 13 14
Untagged Ports: (U1/M1) 15 16 17 18 19 20 21 22 23 24
Untagged Ports: (U1/M2) 1 2 3 4
Tagged Ports: None
Uplink Ports: None
DualMode Ports: None
Mac-Vlan Ports: None
Monitoring: Disabled
PORT-VLAN 200, Name family, Priority level0, Spanning tree Off
Untagged Ports: None
Tagged Ports: (U1/M1) 2 3
Uplink Ports: None
DualMode Ports: None
Mac-Vlan Ports: None
Monitoring: DisabledSSH@icx645024p(config-if-e1000-1/1/1)#int ethe 1/1/1
SSH@icx645024p(config-if-e1000-1/1/1)#dual-mode
error - cannot set untagged port 1/1/1 to dual modeSSH@icx645024p(config-if-e1000-1/1/1)#vlan 200
SSH@icx645024p(config-vlan-200)#tag e 1/1/1
error - IP routing, vrf, ip policy or route-only was configured on ports 1/1/1Please post a "show run" output, but to me there's something strange on your configuration...