07-22-2023 10:38 PM
I activated dhcp snooping on CBS 350 switch but nothing happened .
I choose gi24 port as trusted port but nothing happened the switch still accept dhcp on the other ports.
I want the optimum solution and the right syntax which activate dhcp snooping on the switch and work correctly
07-22-2023 11:37 PM
- Check current state of your dhcp snooping configuration with : show ip dhcp snooping
M.
07-22-2023 11:56 PM
DHCP snooping is Enabled
DHCP snooping is configured on following VLANs: 1
DHCP snooping database is Disabled
Relay agent Information option 82 is Disabled
Option 82 on untrusted port is forbidden
Verification of hwaddr field is Enabled
Interface Trusted
----------- ------------
gi24 Yes
07-23-2023 12:10 AM
>...DHCP snooping database is Disabled
This and the lines beneath seems indicative of the dhcp snooping not completely and or correctly configured , review
https://www.cisco.com/c/en/us/td/docs/switches/lan/csbms/CBS_250_350/CLI/cbs-350-cli-/dhcp-snooping-commands.html
Check the command sequence , and or review your settings accordingly ,
M.
07-22-2023 11:59 PM
if there are anyone here , tried before to put DHCP snooping on CBS 350 24P-4G .
Please give us the feedback to check our configuration
07-23-2023 04:22 AM
Hi @ahmedaqsa
Can you share the config? show running-config would be nice.
07-23-2023 06:05 AM
I think you misunderstanding the dhcp snooping concept'
Both trust and un trust (defualt mode of port) pass dhcp message but which message.
07-23-2023 05:00 PM
I have the DHCP snooping enabled on a couple of my CBS350-8MGP-2X access switches. The output of ‘show ip dhcp snooping’ from your switch looks fine to me. The line showing the status of the DHCP snooping database is really about its backup database, not the runtime database itself.
Just to be sure, you make ‘trusted’ the port where your DHCP server is connected to, not the ports where your DHCP clients are connected. Those ports should remain untrusted. You also need to enable snooping on your vlans.
Here’s the DHCP snooping configuration from one of my switches.
interface Port-Channel1
description MSW7LAG
ip dhcp snooping trust
switchport mode general
switchport general allowed vlan add 60,70,80-81,90 tagged
switchport general allowed vlan add 1 untagged
ip dhcp snooping
ip dhcp snooping vlan 1
ip dhcp snooping vlan 60
ip dhcp snooping vlan 70
ip dhcp snooping vlan 80
ip dhcp snooping vlan 90
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide