09-19-2022 10:24 PM - edited 09-19-2022 10:29 PM
Hello,
We have pair of Cisco Nexus C3064PQ-10GX and we have 100x SVI, we want to use "ip dhcp relay address" command under the SVI to relay the DHCP request to our PXE boot DHCP server but when they want to relay the message my CPU usages goes to %50-60 and when I check the process I will see "dhcp_snoop" is using %30 of my CPU. i want just to use DHCP relay so i do not need DHCP snooping, is there anyway to disable it or how can i solve this?
i tried "no IP dhcp snooping" but it did not work.
here is my CPU process sorting:
show processes cpu sort
PID Runtime(ms) Invoked uSecs 1Sec Process
----- ----------- -------- ----- ------ -----------
3936 166268 162484 1023 31.25% dhcp_snoop
my software information:
Software
BIOS: version 5.0.0
NXOS: version 9.3(8)
Thanks.
09-20-2022 01:55 AM - edited 09-20-2022 03:05 AM
NO IP dhcp snooping
NO ip dhcp snooping VLAN
there are two command if you want to disable (meaning add NO to command) dhcp snooping disable both command.
IF YOU WANT TO
09-20-2022 02:01 AM
are you sure these commands disable them? i think we should use "no ip dhcp snooping VLAN " or "no ip dhcp snooping" does not it?
09-20-2022 02:45 AM - edited 09-20-2022 02:55 AM
I correct my previous comment if I am right,
anyway
disable dhcp snooping is reduce your L2 security.
but let share with you something,
during my reading cisco doc. many point mention that config dhcp relay and dhcp snooping together make issue.
for example check below bug
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvn03408
09-20-2022 02:58 AM
ip dhcp snooping will enable dhcp snooping, it does not disable it globally.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide