07-19-2017 10:01 AM - edited 03-05-2019 08:52 AM
Hi Team,
I have Switch Environment in Ring Topology and have a core switch where DHCP server is connected. Ring UPLINKS are Portchannels.
Our requirement is to enable DHCP Snooping, hence we enabled dhcp snooping trust in all uplink physical interfaces and dhcp snooping global command. My DHCP Server is not working on the switches.
Please find the setup attached. When i connect my laptop on Switch 3/2/4 i am not getting DHCP IP, when i run wireshark on my laptop i could see only DHCP Discover packet is sending by client and not recieving DHCP offer message from DHCP Server.
My question is
1) Do i need to enable dhcp snooping on port channel interface or enabling on Physical interface is enough.
2) Should i need to disable option 82 insertion on all Switches (no ip dhcp snooping information option) as i havent enabled dhcp snooping on Core Switch.
Thanks for your time and appreciate your immediate response.
Solved! Go to Solution.
07-19-2017 12:39 PM
Hi
I assume these are access switches, as recommedation DHCP snooping should be configured on the access switches only. Below you will find the configuration for DHCP snoooping:
ip dhcp snooping
ip dhcp snooping vlan (the protected vlans)
no ip dhcp snooping information option
interface fx/1
description ACCESS-PORT
ip dhcp snooping limit rate (value less than 100, it could be 20)
interface gx/1
description TRUNK-PORT
ip dhcp snooping trust.
or
interface po <port-channel id>
ip dhcp snooping trust.
* On the Switch 1 where the DHCP server is connected:
interface fx/y
description DHCP-SERVER
ip dhcp snooping trust
1) Do i need to enable dhcp snooping on port channel interface or enabling on Physical interface is enough.
Yes, you need to configure under the Port channel interface (on the ports on the access switches only)
2) Should i need to disable option 82 insertion on all Switches (no ip dhcp snooping information option) as i havent enabled dhcp snooping on Core Switch.
It should be disabled on the access switches, dhcp snooping don't be configured on the Core switches.
Hope it is useful
:-)
07-19-2017 12:39 PM
Hi
I assume these are access switches, as recommedation DHCP snooping should be configured on the access switches only. Below you will find the configuration for DHCP snoooping:
ip dhcp snooping
ip dhcp snooping vlan (the protected vlans)
no ip dhcp snooping information option
interface fx/1
description ACCESS-PORT
ip dhcp snooping limit rate (value less than 100, it could be 20)
interface gx/1
description TRUNK-PORT
ip dhcp snooping trust.
or
interface po <port-channel id>
ip dhcp snooping trust.
* On the Switch 1 where the DHCP server is connected:
interface fx/y
description DHCP-SERVER
ip dhcp snooping trust
1) Do i need to enable dhcp snooping on port channel interface or enabling on Physical interface is enough.
Yes, you need to configure under the Port channel interface (on the ports on the access switches only)
2) Should i need to disable option 82 insertion on all Switches (no ip dhcp snooping information option) as i havent enabled dhcp snooping on Core Switch.
It should be disabled on the access switches, dhcp snooping don't be configured on the Core switches.
Hope it is useful
:-)
07-20-2017 06:55 AM
Hi Team,
Issue got resolved by enabling Dhcp snooping trust on port-channel interfaces.
07-20-2017 08:45 AM
Perfect!
:-)
07-21-2017 06:03 PM
Hello
Can you please rate Julios post if he has assisted you in in resolving your issue - this will provide others seeking a similar resolution.
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide