RE: dhcp snooping

From: Reza Toghraee (reza@toghraee.com)
Date: Sat Oct 18 2008 - 19:37:11 ART

• Next message: Hobbs: "Re: sleepless before lab exam"
• Previous message: Brad Ellis: "RE: sleepless before lab exam"
• Maybe in reply to: Hobbs: "dhcp snooping"
• Next in thread: Hobbs: "Re: dhcp snooping"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello

I tested this scenario and now its working.

Let me show you my configuration on CAT1 :

ip dhcp snooping vlan 30
no ip dhcp snooping information option
ip dhcp snooping database flash:snoop.txt
ip dhcp snooping
!
interface FastEthernet0/4
 switchport access vlan 30
 switchport mode dynamic desirable
 ip dhcp snooping trust
!

CAT12#sh ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
30
Insertion of option 82 is disabled
   circuit-id format: vlan-mod-port
    remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled <<<<<<============= I think
this is the ISSUE. Seems by default its Enable.
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
FastEthernet0/4 yes unlimited

CAT 3

Rack1SW3(config-if)#do show run int vlan 30
Building configuration...

Current configuration : 58 bytes
!
interface Vlan30
 ip address dhcp client-id Vlan30
end

by default CAT1 , compares the source MAC address of the DHCP frame with the
client-id inside the DHCP request.
By default the client ID is something crazy long, but after I changed to MAC
it fixed. (ip address dhcp client-id Vlan30).

Regards
Reza Toghraee

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Hobbs
Sent: Saturday, October 18, 2008 11:56 PM
To: Cisco certification
Subject: dhcp snooping

Hello,

I have the following topology:

[R4]------[CAT1]----trunk----[CAT2]----SVI (vlan 30)

R4 is a dhcp server in vlan 30, connected to CAT1 f0/4.
CAT2 has an SVI for vlan 30, with ip address assigned via dhcp.
This works great.

Now when I set up dhcp snooping on CAT1 it fails. On CAT1 I do the
following:

ip dhcp snooping
ip dhcp snooping vlan 30
int f0/4
 ip dhcp snooping trust

This still prevents CAT2 from getting an IP address from R4....is there
something I am missing?

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/1
2.2_44_se/configuration/guide/swdhcp82.html#wp1180910

thanks,

Blogs and organic groups at http://www.ccie.net

• Next message: Hobbs: "Re: sleepless before lab exam"
• Previous message: Brad Ellis: "RE: sleepless before lab exam"
• Maybe in reply to: Hobbs: "dhcp snooping"
• Next in thread: Hobbs: "Re: dhcp snooping"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:21 ARST