TEAM , I need help.
Hi everyone, the attached diagram is an example of my network setup. I need to configure dhcp snooping and dynamic arp inspection on my layer 3 switch. I have configured the system as seeing below. After my configuration, my client computers cannot receive IP address from my dhcp server. Have any one experience this before? Is there anything I am missing? What’s the recommended way to configure these options? I appreciate your support TEAM.
Please note:
- The Layer-3 switch is configured as a dhcp relay agent
- The dhcp server is a virtual server on the ESXI host
- The ESXI host port (Gig1/0/1) is configured to allow maximum of 10 mac address.
- The dhcp serve host the DNS server as well
DHCP Snooping and dynamic arp inspection configuration details
Configuration
L3-SW-001(config)#ip dhcp snooping
L3-SW-001(config)#ip dhcp snooping vlan 10,11,12,13,50
L3-SW-001(config)#ip dhcp snooping database ftp://192.168.1.3/DHCP/snooping.db
L3-SW-001(config)#int gi1/0/1
L3-SW-001(config-if)#ip dhcp snooping trust
L3-SW-001(config-if)#exit
L3-SW-001(config)#ip arp inspection vlan 10
L3-SW-001(config)#ip arp inspection vlan 11
L3-SW-001(config)#ip arp inspection vlan 12
L3-SW-001(config)#ip arp inspection vlan 13
L3-SW-001(config)#ip arp inspection vlan 50
L3-SW-001(config)#int gi1/0/1
L3-SW-001(config-if)#ip arp inspection trust
L3-SW-001(config-if)#
All of my trunk port going to my access switches are trusted with the command below:
L3-SW-001(config)#int ran gig1/0/20-24
L3-SW-001(config-if)#ip dhcp snooping trust
L3-SW-001(config)#int rang gig1/0/20-24
L3-SW-001(config-if)#ip arp inspection trust
Note: All the above are configured on the core switch, am I require to do any thing from the Access switches?
