Re: DHCP snooping setup

From: Jian Gu (guxiaojian@gmail.com)
Date: Fri Feb 16 2007 - 22:21:23 ART

• Next message: Sidalo: "Re: OT- regarding employer using CCIE number from partner cert"
• Previous message: Antonio Soares: "RE: Cisco IP Phone"
• Maybe in reply to: Filyurin, Yan: "DHCP snooping setup"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The command is "ip dhcp snooping information option allow-untrusted"

On 2/16/07, Filyurin, Yan <yan.filyurin@eds.com> wrote:
>
> So I would have to do the same thing if router B would be a relay agent
> as opposed to being a DHCP server?
>
> ------------------------------
> *From:* Narbik Kocharians [mailto:narbikk@gmail.com]
> *Sent:* Friday, February 16, 2007 6:28 PM
> *To:* Jian Gu
> *Cc:* Filyurin, Yan; ccielab@groupstudy.com
> *Subject:* Re: DHCP snooping setup
>
> The trust command
>
> On 2/16/07, Jian Gu <guxiaojian@gmail.com> wrote:
> >
> > This was asked before, there is a interface command which will allow
> > DHCP
> > packets with option 82 to go through in stead of drop them.
> >
> > On 2/16/07, Filyurin, Yan <yan.filyurin@eds.com> wrote:
> > >
> > > Hello list. I was recently playing around with DHCP snooping
> > > configuration
> > > and they way I had it set up was that I had router A and B connected
> > to a
> > > switch being on the same vlan where A was getting its IP address from
> > B
> > > through DHCP. So I decided to play with DHCP snooping and enabled it
> > for
> > > that
> > > particular vlan. Suddenly DHCP stopped working. After doing a couple
> > of
> > > debugs, I could see that A was originating the request and B was
> > seeing it
> > > and
> > > giving an error, and the only way I could resolve it is by doing:
> > >
> > > no ip dhcp snooping information option
> > > And ip dhcp snooping trust
> > > After reading RFC that kind of makes sense and of course the second
> > makes
> > > sense on the router port. The question is. If I had router C
> > (somewhere
> > > behind router B) set up as a DHCP server and router B would just be a
> > > relay
> > > with the helper-address command, would I still need to do this tweak
> > > because
> > > it appeared that router B was getting confused by the switch setting
> > > option
> > > 82.
> > >
> > > Thank you
> > >
> > >
> > >
> > >
> > > Yan Filyurin
> > > EDS - Bank of America, Network Design
> > > MS: MA6-536-0501
> > > 1025 Main Street
> > > Waltham, MA 02451
> > > Office: +1-781-788-2207
> > > Cell: +1-617-875-4862
> > > yan.filyurin@eds.com
> > >
> > >
> > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
>
>
> --
> Narbik Kocharians
> CCIE# 12410 (R&S, SP, Security)
> CCSI# 30832
> Network Learning, Inc. (CCIE class Instructor)
> www.ccbootcamp.com (CCIE Training)

• Next message: Sidalo: "Re: OT- regarding employer using CCIE number from partner cert"
• Previous message: Antonio Soares: "RE: Cisco IP Phone"
• Maybe in reply to: Filyurin, Yan: "DHCP snooping setup"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART