dhcp snooping

ocajica · ‎08-10-2005

Hi everybody

I have a network topology with 6500 switches.

All pc´s client are connected to switch 6506 with CATOS software and this is connected to main switch 6513 with IOS software across etherchannel interface, the dhcp server is on server farm that is connected to 6513 switch.

My question is, wich commands are need to enable for dhcp-snooping feature works on my network, i know that I need the follow comands on catos

set security acl ip DHCPSNOOP permit dhcp-snooping

set security acl ip DHCPSNOOPING permit ip any any

commit security acl DHCPSNOOPING

set security acl map DHCPSNOOPING 207

But what happend to the other side on 6513 switch, wich command i need to enable for the server dchp port, in this case the trusted port ?

So i hope you can help me

Best Regards

Manuel

thisisshanky · ‎08-10-2005

Manuel,

The command you are looking for is

ip dhcp snooping trust - on the interface that is connected to the DHCP server. There are a few other commands that you got to enable and all that can be found here.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a0080435791.html

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

ocajica · ‎08-15-2005

Thanks my friend, but i have a little problem, this version only works for SUP3/MFSC3 and my switch has SUP2, I tried to find another version but there isn´t.

So I have an idea, configurate as trusted ports (on catalyst 6506 Catos)the link between switches, and enable the command ip dhcp relay information trusted on vlan 207 in the IOS switch, may be works ?

thanks and best regards

Manuel