Re: dhcp snooping

From: Tony Singh <mothafungla_at_gmail.com>
Date: Tue, 17 Sep 2013 07:26:41 +0100

That removes option 82 information; it's fine if you have no relay information.
Here, just trust your upstream trunks and the dhcp server access port.

*Note: if you opt for the above and trust dhcp on trunk interfaces, the drawback
here is that it opens a security vulnerability.

--
BR
Tony
Sent from my iPhone on 3
On 17 Sep 2013, at 06:17, Imran Ali <immrccie_at_gmail.com> wrote:
> you mean to say to use no ip dhcp snooping information option
>
>
> On Tue, Sep 17, 2013 at 12:50 AM, Tony Singh <mothafungla_at_gmail.com> wrote:
> edit - should be dhcp snooping *untrusted
>
> --
> BR
>
> Sent from my iPhone on 3
>
> On 16 Sep 2013, at 22:48, Tony Singh <mothafungla_at_gmail.com> wrote:
>
> >
> > main point is wherever your dhcp server is connected to, trust that port,
> > as if you don't then the default behaviour would be to drop any dhcp client
> > discover messages; the server would then be able to create the bindings into
> > dhcp snooping database for mac, ip, port and vlan once the discovers are sent
> > upstream to the server.
> >
> > anything other than the dhcp server or further upstream switches that
> > connect to the dhcp server should be dhcp snooping trusted; the caveat here is
> > whether you leave the switch to insert option 82 into the client discover
> > messages or not, where the better solution would be to trust dhcp snooping
> > information option.
> >
> > Good luck
> >
> > --
> > BR
> >
> > Tony
> >
> > Sent from my iPhone on 3
> >
> > On 16 Sep 2013, at 22:24, Imran Ali <immrccie_at_gmail.com> wrote:
> >
> >> hi all,
> >> i am enabling dhcp snooping, but i have seen some threads in support
> >> forum, saying they face issues on their 3560 when configured with voice
> >> vlan,
> >>
> >> we have voice vlan, data vlan, and one vlan for access point.
> >>
> >> i have to trust the trunk links going to the core switches and all
> >> others as untrusted.
> >>
> >>
> >> 1) Has anyone in production faced issues with dhcp snooping with
> >> voice/data vlans?
> >>
> >> 2) Access point connected ports are access ports, i think they must be
> >> left as untrusted, right?
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
Received on Tue Sep 17 2013 - 07:26:41 ART
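
An access-switch configuration for the setup discussed in this thread (data, voice and access-point VLANs on a Catalyst 3560, trunks to the core trusted, all other ports left untrusted), added here as an illustration and not taken from any poster's message. The VLAN numbers, interface names and rate-limit value are assumptions.

```cisco
! Constructed example: VLAN 10 = data, 20 = voice, 30 = access points (assumed IDs)
ip dhcp snooping
ip dhcp snooping vlan 10,20,30
!
! Option A (from the thread): this switch does not insert option 82
no ip dhcp snooping information option
!
! Uplink towards the core / DHCP server: the only trusted port.
! Server replies (OFFER/ACK/NAK) are accepted only on trusted ports.
interface GigabitEthernet0/49
 description Trunk to core (assumed interface name)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 ip dhcp snooping trust
!
! User ports with PC + IP phone. Untrusted is the default, so there is
! no trust command; snooping covers both the data and the voice VLAN.
interface range GigabitEthernet0/1 - 40
 switchport mode access
 switchport access vlan 10
 switchport voice vlan 20
 ip dhcp snooping limit rate 15
!
! Access-point ports are ordinary access ports and stay untrusted.
interface range GigabitEthernet0/41 - 44
 switchport mode access
 switchport access vlan 30
 ip dhcp snooping limit rate 15
!
! Option B: leave option 82 insertion enabled here (drop the
! "no ip dhcp snooping information option" line above). The upstream
! devices must then accept option 82 with giaddr 0.0.0.0:
!   aggregation switch, if its downlink stays untrusted:
!     ip dhcp snooping information option allow-untrusted
!   IOS relay agent (ip helper-address) in front of the server:
!     ip dhcp relay information trust-all
!
! Verification after clients renew:
!   show ip dhcp snooping
!   show ip dhcp snooping binding
```

With option B the downlink on the aggregation switch stays untrusted, so a rogue server behind the access switch is still blocked at both layers.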

This archive was generated by hypermail 2.2.0 : Tue Oct 01 2013 - 06:36:35 ART