DHCP Snooping and helper address

From: gladston@br.ibm.com
Date: Fri Jul 15 2005 - 15:42:13 GMT-3

• Next message: marvin greenlee: "RE: Interface Dampening [bcc][faked-from][bayes]"
• Previous message: ccie2be: "RE: Back-to-Back FR"
• Next in thread: Matt White: "Re: DHCP Snooping and helper address"
• Maybe reply: Matt White: "Re: DHCP Snooping and helper address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Have you succesfully configured DHCP Snooping when helper address is used on local router?

It is not working for me.
Without snooping, R7 gets its address from R3 (dhcp server).
After snooping is configured on CAT1, R3 does not receive the request.

r7(client)----CAT1(0/6)----R6---serial----R3

This is the config used:

CAT1
ip dhcp snooping vlan 10
ip dhcp snooping
!
interface FastEthernet0/6
 desc **R6** ***path to R3 ***
 ip dhcp snooping trust

R6 is acting as relay agent. It is receiving the request from R7:

R6
*Jul 15 17:27:25: IP: s=0.0.0.0 (FastEthernet4/0), d=255.255.255.255, len 322, rcvd 2
*Jul 15 17:27:25: UDP src=68, dst=67

This is the result on R3 with snooping on CAT1:

(nothing -- DHCPDISCOVER is not received)

If snooping is disabled, R3 works fine:

Rack2R3#
*Mar 1 06:57:07: DHCPD: DHCPDISCOVER received from client 0100.000c.3bd6.a9 through relay 148.5.46.6.

*Mar 1 06:57:09: DHCPD: Sending DHCPOFFER to client 0100.000c.3bd6.a9 (148.5.46.106).
*Mar 1 06:57:09: DHCPD: unicasting BOOTREPLY for client 0000.0c3b.d6a9 to relay 148.5.46.6.
*Mar 1 06:57:09: DHCPD: DHCPREQUEST received from client 0100.000c.3bd6.a9.
*Mar 1 06:57:09: DHCPD: Sending DHCPACK to client 0100.000c.3bd6.a9 (148.5.46.106).
*Mar 1 06:57:09: DHCPD: unicasting BOOTREPLY for client 0000.0c3b.d6a9 to relay 148.5.46.6.

It seems there is something on the DHCP request when snooping are enabled that makes R6 do not relay the packet to R3.

Other monitor commands are here:

Rack2CAT1#sh ip dhc snoo
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
10
Insertion of option 82 is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
FastEthernet0/2 yes unlimited
FastEthernet0/4 yes unlimited
FastEthernet0/6 yes unlimited

Rack2CAT1#sh deb
DHCP Snooping event debugging is on
05:48:44: DHCPSN: Found ingress pkt on Fa0/7 VLAN 10
05:48:44: DHCP_SNOOPING: add relay information option.
05:48:44: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xA 0x0 0x6 0x2 0x8 0x0 0x6 0x0 0xB 0xFD 0xC7 0xC1 0x80

05:48:47: DHCPSN: Found ingress pkt on Fa0/7 VLAN 10
05:48:47: DHCP_SNOOPING: add relay information option.
05:48:47: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xA 0x0 0x6 0x2 0x8 0x0 0x6 0x0 0xB 0xFD 0xC7 0xC1 0x80

• Next message: marvin greenlee: "RE: Interface Dampening [bcc][faked-from][bayes]"
• Previous message: ccie2be: "RE: Back-to-Back FR"
• Next in thread: Matt White: "Re: DHCP Snooping and helper address"
• Maybe reply: Matt White: "Re: DHCP Snooping and helper address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:30 GMT-3