Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
604
Views
0
Helpful
2
Replies

4500 - DHCP snooping and Netware SLP problem

j.volf
Level 1
Level 1

‎12-06-2004 12:48 AM - edited ‎03-02-2019 08:24 PM

Hi all,

we try to implement DHCP snooping with Source Guard on Cat 4500. These Cat 4500 are used as workgroup switches with 6513 in the core. Novell Netware 6.0 witch SLP configured on it acts as a DHCP server (connected to Cat 6513). It works OK without DHCP snooping. At the time we have started DHCP snooping clients haven't received Option 78 and 79 (SLP information) from Netware server. All other information from DHCP server is OK.

With DHCP snooping turned off is everything OK with the same configuration.

IOS 12.2(20)EWA

Any idea ?

Thanks

Labels:
0 Helpful
2 Replies 2

mchin345
Level 6
Level 6

‎12-10-2004 07:13 AM

When IP source guard is enabled in IP and Mac filtering mode, and DHCP snooping option 82 is disabled, the switch can't locate client host port to forward DHCP server reply. The DHCP reply is dropped and therefore client can't obtain an IP address.

In general, IP source guard can't be set to IP and Mac filtering mode in a network where DHCP server doesn't support DHCP option 82.

For more detailed information about DHCP Server can be found from the link below:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/easyip2.htm

0 Helpful

j.volf
Level 1
Level 1
In response to mchin345

‎12-10-2004 08:34 AM

Configuration -

6513 in the core (VLAN routing)

interface Vlan32

description 4500_FD1_LEFT

ip address xxxxxxxx

ip helper-address xxxxx

no ip redirects

ip dhcp relay information trusted

4500 as a workgroup switch (without routing)

ip dhcp snooping vlan 1-100

ip dhcp snooping database tftp://xxx/4506_FD1.txt

interface GigabitEthernet1/1 (trunk to 6513)

switchport trunk encapsulation dot1q

switchport mode trunk

ip dhcp snooping trust

interface GigabitEthernet2/3 (testing interface)

switchport access vlan 32

switchport mode access

spanning-tree portfast

ip verify source vlan dhcp-snooping

When DHCP snooping is disabled client receive all DHCP information including Netware related info (options 78 & 79)

When I enable DHCP snooping client receive IP address, Mask, Gateway, DNS correctly. Information about Netware tree (78) and services (79) are blocked. I think, that there is some problem with propagation of follow-up DHCPINFORM packet.

DHCP server is located on Netware server with support for option 82. If there is a problem with option 82 that must be also visible with DHCP snooping turned off.

Maybe problem in my advisement ?

I post this problem on TAC through distributor without resolving in last 5 days (they say "working on it").

Any recommendation is welcome.

Thanks

Jiri

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card