Re: DHCP Snooping Issue

From: Sadiq Yakasai <sadiqtanko_at_gmail.com>
Date: Thu, 16 Jun 2011 10:31:21 +0100

By default, DAI relies on the DHCP Snooping DB for operation. The exception is
when things are statically defined.

It is therefore erroneous to make statements like "the message has nothing
to do with DHCP Snooping"!

When DHCP Snooping and DAI are configured on a switch and all operations
occur dynamically, then a host with a static IP address connecting to a port
that is not a DAI trusted port will spew out that message. And this is
because the host's information is not present in the DHCP snooping binding
table.

Sadiq

On Thu, Jun 16, 2011 at 6:36 AM, Narbik Kocharians <narbikk_at_gmail.com> wrote:

> I agree with Piotr, the message has nothing to do with DHCP Snooping, they
> are generated by "DAI", Dynamic ARP Inspection. Do you have DAI configured on
> your switches?
> On Wed, Jun 15, 2011 at 7:54 PM, Alexei Monastyrnyi <alexeim73_at_gmail.com> wrote:
>
> > You can also try using arp inspection trust on that switch-port with static
> > IP.
> >
> > HTH
> > A.
> >
> > On 13 June 2011 01:48, Piotr Matusiak <pitt2k_at_gmail.com> wrote:
> >
> > > Hi,
> > >
> > > This message is generated by the DAI feature, not DHCP Snooping. It is caused by
> > > the device connected to port g2/18. Check this out. It seems there is someone
> > > connected to that port with a static IP address of 10.1.1.1 with MAC of
> > > 0022.5ac1.202a so that DHCP Snooping has not registered it in its database.
> > > If this host is valid in your network and must have a static IP configured,
> > > then add a static binding to the DHCP Snooping database (ip dhcp snooping
> > > binding...)
> > >
> > > Regards,
> > > --
> > > Piotr Matusiak
> > > CCIE #19860 (R&S, Security), CCSI #33705
> > > Technical Instructor
> > > website: www.MicronicsTraining.com <http://www.micronicstraining.com/>
> > > blog: www.ccie1.com
> > >
> > > If you can't explain it simply, you don't understand it well enough -
> > > Albert Einstein
> > >
> > >
> > > 2011/6/12 <roykhan123_at_hotmail.com>
> > >
> > > > Dear All,
> > > >
> > > > I am facing a problem in my network: I am getting DHCP snooping Deny log
> > > > messages continuously in my switches. I know how DHCP snooping works, but
> > > > I do not know why this is appearing in the switch, when there is no DHCP
> > > > server connected to those ports and everything is working fine.
> > > >
> > > > %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Gi2/18, vlan 20.([0022.5ac1.202a/10.1.1.1/0000.0000.0000/10.0.176.16/17:38:05 AST Sun Jun 12 2011])
> > > >
> > > > 1. Is this because of a virus that causes the machine to generate this error?
> > > > I saw this problem before; there was a virus.
> > > > 2. I don't know about the servers; maybe some service is running inside
> > > > the server that causes the server to generate this request, or something else.
> > > >
> > > > Note that there is no virus on the machine and still this error occurs on the
> > > > machine... I really do not know why this is happening and how I fix this issue.
> > > >
> > > > Currently I am getting this message and there is no issue with the machine
> > > > itself.
> > > >
> > > > Port configuration
> > > >
> > > > interface GigabitEthernet2/9
> > > >
> > > > switchport
> > > > switchport access vlan 19
> > > > switchport mode access
> > > > switchport voice vlan 16
> > > > ip arp inspection limit rate 128
> > > > no ip address
> > > > spanning-tree portfast
> > > > spanning-tree bpduguard enable
> > > > end
> > > > !
> > > > ip dhcp snooping
> > > > ip dhcp snooping vlan 19,16
> > > > !
> > > >
> > > > kindly advise
> > > >
> > > > Take care
> > > >
> > > >
> > > > Blogs and organic groups at http://www.ccie.net
> > > >
> > > >
> > > > _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
>
> --
> *Narbik Kocharians
> *CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com <http://www.micronicstraining.com/>
> Sr. Technical Instructor
> *Ask about our FREE Lab Voucher with our Boot Camps*
> YES! We take Cisco Learning Credits!
> Training & Remote Racks available
>

-- 
CCIEx2 (R&S|Sec) #19963
Received on Thu Jun 16 2011 - 10:31:21 ART
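
An added example, not part of the original thread: a small triage script for the `%SW_DAI-4-DHCP_SNOOPING_DENY` message discussed above, which separates a sender with no snooping binding at all (the static-IP host case) from a sender whose IP is bound to a different MAC. It assumes the bracketed fields are sender MAC, sender IP, target MAC, target IP and time; the function names, the `{(vlan, ip): mac}` model of the binding table and every sample value except the thread's own log line are constructed for illustration.

```python
import re
from collections import defaultdict

# Bracketed fields (assumed order): sender MAC / sender IP / target MAC / target IP / time.
DENY_RE = re.compile(
    r"%SW_DAI-4-DHCP_SNOOPING_DENY: (?P<count>\d+) Invalid ARPs \((?P<kind>\w+)\) "
    r"on (?P<port>\S+), vlan (?P<vlan>\d+)\.\(\["
    r"(?P<smac>[0-9a-f.]+)/(?P<sip>[\d.]+)/(?P<tmac>[0-9a-f.]+)/(?P<tip>[\d.]+)/"
    r"(?P<time>[^\]]+)\]\)",
    re.IGNORECASE,
)

def parse_deny(line):
    """Return the fields of one DHCP_SNOOPING_DENY line, or None for other messages."""
    m = DENY_RE.search(line)
    if m is None:
        return None
    ev = m.groupdict()
    ev["count"], ev["vlan"] = int(ev["count"]), int(ev["vlan"])
    ev["smac"] = ev["smac"].lower()
    return ev

def classify(ev, bindings):
    """Compare the sender's claim with bindings, a {(vlan, ip): mac} model of the table."""
    bound_mac = bindings.get((ev["vlan"], ev["sip"]))
    if bound_mac is None:
        return "no-binding"        # e.g. a static-IP host that never used DHCP
    if bound_mac != ev["smac"]:
        return "mac-mismatch"      # IP is bound to a different MAC: investigate
    return "binding-matches"       # a binding exists now (added after the log entry?)

def triage(lines, bindings):
    """Sum denied ARPs per (port, vlan, sender MAC, sender IP) and verdict."""
    report = defaultdict(lambda: defaultdict(int))
    for line in lines:
        ev = parse_deny(line)
        if ev is not None:
            key = (ev["port"], ev["vlan"], ev["smac"], ev["sip"])
            report[key][classify(ev, bindings)] += ev["count"]
    return {key: dict(verdicts) for key, verdicts in report.items()}

# First line is the message from the thread; the other lines and the bindings are constructed.
SAMPLE_LOG = [
    "%SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Gi2/18, vlan 20.([0022.5ac1.202a/10.1.1.1/0000.0000.0000/10.0.176.16/17:38:05 AST Sun Jun 12 2011])",
    "%SW_DAI-4-DHCP_SNOOPING_DENY: 2 Invalid ARPs (Res) on Gi2/20, vlan 20.([0011.2233.4455/10.1.1.50/0022.5ac1.202a/10.1.1.1/17:40:11 AST Sun Jun 12 2011])",
    "%LINK-3-UPDOWN: Interface GigabitEthernet2/18, changed state to up",
]
SAMPLE_BINDINGS = {(20, "10.1.1.50"): "00aa.bbcc.ddee"}

if __name__ == "__main__":
    for key, verdicts in triage(SAMPLE_LOG, SAMPLE_BINDINGS).items():
        print(key, verdicts)
```
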

This archive was generated by hypermail 2.2.0 : Fri Jul 01 2011 - 06:24:28 ART