Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1016
Views
0
Helpful
1
Replies

DHCP Snooping not logging violations

tjreeddoc
Level 1
Level 1

‎04-26-2016 03:22 PM - edited ‎03-05-2019 03:54 AM

I have a Cisco 3750E-24TD running 12.2(55)SE10 and ip dhcp snooping enabled. However, I am not getting any DHCP Snooping messages when a rogue DHCP Server tries to respond dhcp discovery broadcast.  

Turning on debug ip dhcp snooping packet and debug ip dhcp snooping events, I do see the following message:  

DHCP_SNOOPING_SW: bridge packet output port is null, packet is dropped.  

Has anyone received Syslog messages from a Cisco 3750E-24TD with ip dhcp snooping enabled? If so, what IOS were you running?

T.J. 

Labels:
0 Helpful
1 Reply 1

sushanth.shetty
Level 1
Level 1

‎10-14-2018 08:26 AM - edited ‎10-14-2018 08:27 AM

I always had hard time in getting the DHCP snooping, DHCP binding and NAT translation logs to syslog.
You may have to enable debugging for dhcp snooping and set the logging trap to debugging to get the logs on syslog server
debug ip dhcp snooping packet
debug ip dhcp snooping event
logging trap debugging
 
You can also try to use smartlog which is used to send the contents to a NetFlow collector. I'm not really sure if it works for syslog though
Switch(config)# ip dhcp snooping vlan x smartlog
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card