cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
25701
Views
0
Helpful
2
Replies

Configuring DHCP snooping on VSG 2 (1.1)

Piyush Khare
Level 1
Level 1

Hello, I am running 1000v  version 4.2(1)SV2(2.1a) with VSG 2 (1.1). I have set my 1000v switch to Advance edition; but VSG does not recognize that and therefore I cannot enable the dhcp snooping/relay feature on VSG. I have already successfully enabled dhcp snooping globally on 1000v switch.

I have 2 tenants; so I completely removed VSG and re-added it to the switch in one of them, thinking that re-addition may cause it to recognize the current edition. Following are some excerpts from 1000v and VSG:

===

nexus-vds# sh switch edition

Switch Edition: Advanced       <<<<<<<    this is my current edition on 1000v switch

Advanced Features

Feature Name    Feature State

-----------------------------

cts             disabled

dhcp-snooping   enabled     <<<<<< this is enabled globally on 1000v switch

vxlan-gateway   disabled

Licenses Available: 1016

Licenses In Use: 8

===

nexus-vds# sh run vservice node

!Command: show running-config vservice node

!Time: Mon Feb 24 19:10:08 2014

version 4.2(1)SV2(2.1a)

vservice node tenant1-vsg type vsg

  ip address 10.x.x.x

  adjacency l2 vlan 410

  fail-mode open

vservice node tenant2-vsg type vsg

  ip address 10.x.x.y

  adjacency l2 vlan 410

  fail-mode open

===

tenant1-vsg(config)# feature dhcp

ERROR: DHCP feature can only be enabled when switch edition is Advanced

===

How does VSG know that switch is in Advance edition or not ? why is it not recognizing the current edition ? Any ideas ....?

===

Another point I would like to add is that before we applied configuration for VSG; just with 1000v in place (in essential edition); we were able to fire up VMs and DHCP worked without any issues. Also, I have bootpc and bootps allowed in the VSG policy going outbound from VM and DHCP relay is also configured to point to our Cobbler (DHCP) server.

===

1 Accepted Solution

Accepted Solutions

Hi Piyush,

All DHCP Snooping configuration is done on the VSM.

You can read more in the SV2(1.1) Security Configuration Guide

HTH,

Joe

View solution in original post