main point is wherever you're dhcp server is connected to trust that port as if you don't then the default behaviour would be to drop any dhcp client discover messages, the server would then be able to create the bindings into dhcp snooping database for mac, ip, port and vlan once the discovers are sent upstream to the server.
anything other then the dhcp server or further upstream switches that connect to the dhcp server should be dhcp snooping trusted the caveat here is whether you leave the switch to insert option 82 into the client discover messages or not where the better solution would be to trust dhcp snooping information option.
Good luck
-- BR Tony Sent from my iPhone on 3 On 16 Sep 2013, at 22:24, Imran Ali <immrccie_at_gmail.com> wrote: > hi all , > i am enabling dhcp snooping , but i have seen some threads in support > forum , saying they face issues on thier 3560 when configured with voice > vlan, > > we have voice vlan , data vlan , and one vlan for access point . > > i have to trust the trunk links going to the core switches and all > others as untrusted . > > > 1) Have any one in production had face issues with dhcp snooping with > voice/data vlans ? > > 2) Access points connected ports are access ports i think they must be > left as untrusted right ? > > > Blogs and organic groups at http://www.ccie.net > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html Blogs and organic groups at http://www.ccie.netReceived on Mon Sep 16 2013 - 22:48:18 ART
This archive was generated by hypermail 2.2.0 : Tue Oct 01 2013 - 06:36:35 ART