Re: DHCP Snooping

Abdul salaam · ‎12-13-2023

Hello Guys,

I have configured DHCP snooping on cisco switch and configured two DHCP scope on R1 and R2 to test the DHCP snooping functionality.

Config output from the switch

#ip dhcp snooping
#ip dhcp snooping vlan 1
#interface range fast 0/2-3
#ip dhcp snooping trust
#exit
#inet fast 0/1
#ip dhcp snooping limit rate 100
#exit
wr.....

Although both f0/2 and 0/3 ports are put into trusted status, the end point which is on port 0/1 takes APIPA ip address, what is wrong with DHCP snooping or i forgot some commands ????

balaji.bandi · ‎12-13-2023

May be i am reading wrong here, as per diagram you are trusted both ports (of DHCP here)

or config mistake, you should trust only the DHCP Server trust the legitimate one.

Also check on the DHCP Server (router configured as expected)

make sure all working and need to test DHCP snooping, shutdown Fas 0/3 port and check DHCP working before and then implement snooping trust.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Abdul salaam · ‎12-13-2023

I intentionally put both dhcp ports into trust status if any of them work but none work since dhcp snooping enabled on switch.

There is nothing wrong with the dhcp servers. i tested them before dhcp snooping !!!

balaji.bandi · ‎12-13-2023

in that case try adding below command to switch global config and test it :

no ip dhcp snooping information option

Since both DHCP Server port are trusted, who ever first reply the client get that DHCP Server IP address.

#show ip dhcp snooping statistics (this command help you on switch see the Packets are forwarding or not)

example :

SW#show ip dhcp snooping statistics
Packets Forwarded = 8
Packets Dropped = 0
Packets Dropped From untrusted ports = 0

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help