Re: dhcp snooping

From: Hobbs (deadheadblues@gmail.com)
Date: Sat Oct 18 2008 - 19:44:46 ART

• Next message: abderrahim sadki: "RE: confusion about Callmanager, help!!"
• Previous message: Hobbs: "Re: sleepless before lab exam"
• Maybe in reply to: Hobbs: "dhcp snooping"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

thanks, I didn't have a database command or the client-id command, maybe
that was my issue. Funny thing is my task was right according to the
solution guide, I just wanted to verify with proof. Anyways, i will remember
that from now on. thanks Reza!

On Sat, Oct 18, 2008 at 4:37 PM, Reza Toghraee <reza@toghraee.com> wrote:

> Hello
>
> I tested this scenario and now its working.
>
> Let me show you my configuration on CAT1 :
>
>
> ip dhcp snooping vlan 30
> no ip dhcp snooping information option
> ip dhcp snooping database flash:snoop.txt
> ip dhcp snooping
> !
> interface FastEthernet0/4
> switchport access vlan 30
> switchport mode dynamic desirable
> ip dhcp snooping trust
> !
>
> CAT12#sh ip dhcp snooping
> Switch DHCP snooping is enabled
> DHCP snooping is configured on following VLANs:
> 30
> Insertion of option 82 is disabled
> circuit-id format: vlan-mod-port
> remote-id format: MAC
> Option 82 on untrusted port is not allowed
> Verification of hwaddr field is enabled <<<<<<============= I think
> this is the ISSUE. Seems by default its Enable.
> Interface Trusted Rate limit (pps)
> ------------------------ ------- ----------------
> FastEthernet0/4 yes unlimited
>
>
>
>
> CAT 3
>
> Rack1SW3(config-if)#do show run int vlan 30
> Building configuration...
>
> Current configuration : 58 bytes
> !
> interface Vlan30
> ip address dhcp client-id Vlan30
> end
>
>
>
> by default CAT1 , compares the source MAC address of the DHCP frame with
> the
> client-id inside the DHCP request.
> By default the client ID is something crazy long, but after I changed to
> MAC
> it fixed. (ip address dhcp client-id Vlan30).
>
>
>
> Regards
> Reza Toghraee
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Hobbs
> Sent: Saturday, October 18, 2008 11:56 PM
> To: Cisco certification
> Subject: dhcp snooping
>
> Hello,
>
> I have the following topology:
>
> [R4]------[CAT1]----trunk----[CAT2]----SVI (vlan 30)
>
> R4 is a dhcp server in vlan 30, connected to CAT1 f0/4.
> CAT2 has an SVI for vlan 30, with ip address assigned via dhcp.
> This works great.
>
> Now when I set up dhcp snooping on CAT1 it fails. On CAT1 I do the
> following:
>
> ip dhcp snooping
> ip dhcp snooping vlan 30
> int f0/4
> ip dhcp snooping trust
>
> This still prevents CAT2 from getting an IP address from R4....is there
> something I am missing?
>
>
> http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/1
> 2.2_44_se/configuration/guide/swdhcp82.html#wp1180910
>
> thanks,
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

• Next message: abderrahim sadki: "RE: confusion about Callmanager, help!!"
• Previous message: Hobbs: "Re: sleepless before lab exam"
• Maybe in reply to: Hobbs: "dhcp snooping"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:21 ARST