IP Dhcp snooping and IP Source Guard

farrukh19911
Level 1

Good day to all

How to enable dhcp snooping and ip source guard, so that the user of the VLAN 60 (PC1) was not able to use other static addresses except 192.168.20.2 from DHCP, while not affecting the other VLAN? The scheme does not change and there is no other equipment.

Accepted Solution

Philip D'Ath
VIP Alumni

Something a bit like:

ip dhcp snooping vlan 60
ip dhcp snooping

interface Gigabit a/b/c
  description DHCP Server
  ip dhcp snooping trust

interface Gigabit a/b/d
  description Interface facing client
  ip verify source vlan dhcp-snooping
  


24 Replies

If you look at the scheme, the DHCP server and the hosts are on different switches. The access switches are 2960s running c2960-lanbasek9-mz.122-52.SE.bin, and the 3750G acts as the DHCP relay. If possible, give at least one example in this scheme with detailed instructions.

1) What settings should be on Switch1?
2) On 3750G ?
3) On Switch0?

Here is the guide for 2960's with LAN BASE.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swdhcp82.html#wp1328394

You only need to configure the 2960 switch that has the clients on it (switch1) that you want to restrict.  Mark the trunk as trusted.

You can almost use the config I gave above, but change the client DHCP port to be:

interface Gigabit a/b/d
  description Interface facing client
  ip verify source

Thank you very much, it worked.

But I still have one problem.

It is necessary to bind an IP address to one of the ports, which in the future could be used statically by all hosts. Only one IP.

Personally, because I have had a lot of grief with static hosts, so I normally just remove the "ip verify source" command.

However if you are keen, this is the syntax to add a static host:

ip source binding mac-address vlan vlan-id ip-address interface interface-id

In my case it is necessary to somehow tie the IP to the switch port, not to the host MAC address, because the hosts on that port change 4-5 times a day, and these hosts should be able to use only one IP.

What to do?

In that case you need to stick to using "ip verify source", and use a DHCP server that can process option 82 - and configure the DHCP server to always give out the same IP address to the port regardless of the MAC address.

This link talks about enabling DHCP option 82 on the 2960.  Search for "Enabling DHCP Snooping and Option 82".

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swdhcp82.html#wp1070843

But you need to get a DHCP server that can process option 82 first.

If possible, can you show an example on any scheme? Or on my scheme, with specific commands.

I will be very grateful.

The free Linux ISC DHCP server can process option 82 requests, but it is a bit beyond the scope of a Cisco forum to go into the complete Linux configuration.

Does option 82 mean ip helper-address?

No.  "ip helper-address" tells a layer 3 interface to forward DHCP requests to a DHCP server on a remote subnet.

Option 82 is used on a (usually) layer 2 port to insert an extra DHCP option that says what port the DHCP request came in on.  Then a DHCP server knows which switch and which port the request came from, and can allocate an IP address based on that, rather than purely on the client's MAC address like normal.

Give me an example , please, on any scheme.

Basic gist of inserting DHCP option 82:

ip dhcp snooping
ip dhcp snooping vlan 60
ip dhcp snooping information option
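To make concrete what the switch appends once "ip dhcp snooping information option" is on, and how a server can use it to hand out one fixed address per port regardless of the client MAC (the approach suggested earlier in the thread), here is an added example in Python. It is not part of the original thread and not Cisco's or MikroTik's code. The DHCP packet bytes, switch MAC and port-to-address table are constructed for the example; the suboption layout follows the Cisco default format described in the 2960 guide linked above (circuit-id: VLAN, module, port; remote-id: switch MAC).

```python
"""Decode DHCP option 82 (Relay Agent Information) and map it to a per-port address.

Added example, not part of the original thread. Cisco default suboption layout
(from the 2960 configuration guide):
  suboption 1 (circuit-id): type 0, length 4, VLAN (2 bytes), module (1), port (1)
  suboption 2 (remote-id):  type 0, length 6, switch MAC (6 bytes)
All packet contents below are constructed sample input.
"""
import struct
from typing import Dict, Optional

DHCP_MAGIC = b"\x63\x82\x53\x63"   # magic cookie that follows the 236-byte BOOTP header
OPT_MSG_TYPE = 53
OPT_RELAY_AGENT = 82
OPT_END = 255

# Constructed table: (switch MAC, VLAN, module, port) -> address for whatever is plugged in there.
PORT_BINDINGS = {
    ("00:1a:2b:3c:4d:5e", 60, 1, 5): "192.168.20.2",
}


def parse_options(options: bytes) -> Dict[int, bytes]:
    """Walk a TLV option field (also used for option 82's suboptions); returns {code: value}."""
    out: Dict[int, bytes] = {}
    i = 0
    while i < len(options):
        code = options[i]
        if code == OPT_END:
            break
        if code == 0:          # PAD byte, no length field
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option %d has no length byte" % code)
        length = options[i + 1]
        value = options[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d truncated" % code)
        out[code] = value
        i += 2 + length
    return out


def parse_option82(value: bytes) -> dict:
    """Decode the Cisco-default circuit-id and remote-id suboptions into a dict."""
    subs = parse_options(value)
    info: dict = {}
    cid = subs.get(1)
    if cid and cid[0] == 0 and cid[1] == 4 and len(cid) == 6:
        info["vlan"], info["module"], info["port"] = struct.unpack("!HBB", cid[2:6])
    rid = subs.get(2)
    if rid and rid[0] == 0 and rid[1] == 6 and len(rid) == 8:
        info["switch_mac"] = ":".join("%02x" % b for b in rid[2:8])
    return info


def address_for_request(dhcp_payload: bytes) -> Optional[str]:
    """Return the address bound to the ingress port, or None to fall back to the normal pool."""
    if dhcp_payload[236:240] != DHCP_MAGIC:
        raise ValueError("not a DHCP payload")
    opts = parse_options(dhcp_payload[240:])
    if OPT_RELAY_AGENT not in opts:
        return None                       # no option 82: snooping/insertion not enabled on that path
    info = parse_option82(opts[OPT_RELAY_AGENT])
    key = (info.get("switch_mac"), info.get("vlan"), info.get("module"), info.get("port"))
    return PORT_BINDINGS.get(key)


def cisco_option82(switch_mac: bytes, vlan: int, module: int, port: int) -> bytes:
    """Build the option 82 value a snooping switch inserts (Cisco default format, constructed here)."""
    circuit = bytes([0, 4]) + struct.pack("!HBB", vlan, module, port)
    remote = bytes([0, 6]) + switch_mac
    return bytes([1, len(circuit)]) + circuit + bytes([2, len(remote)]) + remote


def build_discover(client_mac: bytes, option82: bytes = b"") -> bytes:
    """Construct a minimal DHCPDISCOVER payload (sample input, not a real client)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s", 1, 1, 6, 0, 0x12345678, 0, 0x8000,
                      b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4)   # op..giaddr
    hdr += client_mac + b"\0" * 10                                   # chaddr (16 bytes)
    hdr += b"\0" * 64 + b"\0" * 128                                  # sname, file
    opts = bytes([OPT_MSG_TYPE, 1, 1])                               # message type DISCOVER
    if option82:
        opts += bytes([OPT_RELAY_AGENT, len(option82)]) + option82
    return hdr + DHCP_MAGIC + opts + bytes([OPT_END])


if __name__ == "__main__":
    sw = bytes.fromhex("001a2b3c4d5e")                 # constructed switch MAC
    o82 = cisco_option82(sw, 60, 1, 5)                 # VLAN 60, Gi1/0/5
    for mac in ("aabbccddeeff", "112233445566"):       # two different PCs on the same port
        print(mac, "->", address_for_request(build_discover(bytes.fromhex(mac), o82)))
    print("no option 82 ->", address_for_request(build_discover(bytes.fromhex("112233445566"))))
```

The two client MACs resolve to the same address because the lookup key is the switch and port, not the chaddr field; a request arriving without option 82 gets no port binding and would fall through to the ordinary pool, which is why the option has to be inserted on the switch the clients sit on.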

In my scheme, on which switch should this option be enabled? On the one where the clients sit?
Give an example on my scheme: on which switch, which settings must be. As the DHCP server I have a MikroTik. What settings should be on the DHCP server? And further, I have enabled ip verify source on all ports of Switch1. If I enable option 82, will it affect the other ports where I have ip verify source?