Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
954
Views
15
Helpful
4
Replies

DHCP Snooping Issue

Go to solution
ecesureshkumar
Level 1
Level 1

‎07-19-2017 10:01 AM - edited ‎03-05-2019 08:52 AM

Hi Team,

I have Switch Environment in Ring Topology and have a core switch where DHCP server is connected. Ring UPLINKS are Portchannels.

Our requirement is to enable DHCP Snooping, hence we enabled dhcp snooping trust in all uplink physical interfaces and dhcp snooping global command. My DHCP Server is not working on the switches.

Please find the setup attached. When i connect my laptop on Switch 3/2/4 i am not getting DHCP IP, when i run wireshark on my laptop i could see only DHCP Discover packet is sending by client and not recieving DHCP offer message from DHCP Server.

My question is 

1) Do i need to enable dhcp snooping on port channel interface or enabling on Physical interface is enough.

2) Should i need to disable option 82 insertion on all Switches (no ip dhcp snooping information option) as i havent enabled dhcp snooping on Core Switch.

Thanks for your time and appreciate your immediate response.

Labels:
Preview file
56 KB
1 Accepted Solution

Accepted Solutions

Go to solution
Julio E. Moisa
VIP
VIP

‎07-19-2017 12:39 PM

Hi

I assume these are access switches, as recommedation DHCP snooping should be configured on the access switches only. Below you will find the configuration for DHCP snoooping:

ip dhcp snooping
ip dhcp snooping vlan (the protected vlans)
no ip dhcp snooping information option

interface fx/1
description ACCESS-PORT
ip dhcp snooping limit rate (value less than 100, it could be 20)

interface gx/1
description TRUNK-PORT
ip dhcp snooping trust. 

or

interface po <port-channel id>
ip dhcp snooping trust. 

* On the Switch 1 where the DHCP server is connected:

interface fx/y
description DHCP-SERVER
ip dhcp snooping trust

1) Do i need to enable dhcp snooping on port channel interface or enabling on Physical interface is enough.

Yes, you need to configure under the Port channel interface (on the ports on the access switches  only)

2) Should i need to disable option 82 insertion on all Switches (no ip dhcp snooping information option) as i havent enabled dhcp snooping on Core Switch.

It should be disabled on the access switches, dhcp snooping don't be configured on the Core switches. 

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

View solution in original post

4 Replies 4

Go to solution
Julio E. Moisa
VIP
VIP

‎07-19-2017 12:39 PM

Hi

I assume these are access switches, as recommedation DHCP snooping should be configured on the access switches only. Below you will find the configuration for DHCP snoooping:

ip dhcp snooping
ip dhcp snooping vlan (the protected vlans)
no ip dhcp snooping information option

interface fx/1
description ACCESS-PORT
ip dhcp snooping limit rate (value less than 100, it could be 20)

interface gx/1
description TRUNK-PORT
ip dhcp snooping trust. 

or

interface po <port-channel id>
ip dhcp snooping trust. 

* On the Switch 1 where the DHCP server is connected:

interface fx/y
description DHCP-SERVER
ip dhcp snooping trust

1) Do i need to enable dhcp snooping on port channel interface or enabling on Physical interface is enough.

Yes, you need to configure under the Port channel interface (on the ports on the access switches  only)

2) Should i need to disable option 82 insertion on all Switches (no ip dhcp snooping information option) as i havent enabled dhcp snooping on Core Switch.

It should be disabled on the access switches, dhcp snooping don't be configured on the Core switches. 

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Go to solution
ecesureshkumar
Level 1
Level 1
In response to Julio E. Moisa

‎07-20-2017 06:55 AM

Hi Team,

Issue got resolved by enabling Dhcp snooping trust on port-channel interfaces.

0 Helpful

Go to solution
Julio E. Moisa
VIP
VIP
In response to ecesureshkumar

‎07-20-2017 08:45 AM

Perfect!

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
paul driver
VIP
VIP
In response to ecesureshkumar

‎07-21-2017 06:03 PM

Hello

Can you please rate Julios post if he has assisted you in in resolving your issue - this will provide others seeking a similar resolution.

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card