I set up a simple lab and enabled dhcp snooping
PC1---F0/1--SWITCH--F0/24---DHCP Server
I added 'trust' under f0/24 and pc received an ip address, there was a dhcp snooping binding. I removed 'trust', release an ip from the pc and pc did not get an ip. that's great however the switch did NOT report anything on the screen and in the stats I cannot see any dropped dhcp messages? I tried on two Cisco switches...
Switch#sh ip dhc snooping stat det
Packets Processed by DHCP Snooping = 22
Packets Dropped Because
IDB not known = 0
Queue full = 0
Interface is in errdisabled = 0
Rate limit exceeded = 0
Received on untrusted ports = 0
Nonzero giaddr = 0
Source mac not equal to chaddr = 0
No binding entry = 0
Insertion of opt82 fail = 0
Unknown packet = 0
Interface Down = 0
Unknown output interface = 0
Misdirected Packets = 0
Packets with Invalid Size = 0
Packets with Invalid Option = 0
Switch#sh ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
DHCP snooping is operational on following VLANs:
1
DHCP snooping is configured on the following L3 Interfaces:
Insertion of option 82 is disabled
circuit-id default format: vlan-mod-port
remote-id: 0019.e8a3.df80 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface Trusted Allow option Rate limit (pps)
----------------------- ------- ------------ ----------------
Switch#
Switch#sh ip dhc sno sta
Packets Forwarded = 38
Packets Dropped = 0
Packets Dropped From untrusted ports = 0
Switch#
PC says
C:\Users\user>ipconfig /renew
Windows IP Configuration
An error occurred while renewing interface Local Area Connection : unable to con
tact your DHCP server. Request has timed out.
No other config on the switch, just
ip dhcp snooping vlan 1
ip dhcp snooping
Have I missed sth easy here?
