I see the layer 2 switch is adding the circuit ID (also confirmed from packet capture)..
sw110#show ip dhcp snoop
Switch DHCP snooping is enabled
Switch DHCP gleaning is disabled
DHCP snooping is configured on following VLANs:
101-102
DHCP snooping is operational on following VLANs:
101-102
DHCP snooping is configured on the following L3 Interfaces:
Insertion of option 82 is enabled
circuit-id default format: vlan-mod-port
remote-id: 5000.000e.0000 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------
GigabitEthernet1/0 yes yes unlimited
Custom circuit-ids:
GigabitEthernet1/1 yes yes unlimited
Custom circuit-ids:
GigabitEthernet1/2 yes yes unlimited
Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------
Custom circuit-ids:
GigabitEthernet1/3 yes yes unlimited
Custom circuit-ids:
Port-channel11 yes yes unlimited
Custom circuit-ids:
Port-channel12 yes yes unlimited
Custom circuit-ids:
However the ask was to add it from the layer 3 switch. If I try running DHCP snooping on the layer 3 switch, it never works. I have to switch it off to get it to work (even if I disable it on the L2 switch).
*Feb 4 12:36:08.801: DHCP_SNOOPING: message type : DHCPDISCOVER DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 0050.7966.6826
*Feb 4 12:36:08.802: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (101)
