Hello,
I'm struggling with DHCP snooping, and I can't find any helpful information on the internet. So i hope someone here can help.
I'm configuring DHCP snooping, and (as far as i know), I've configured it according to the manual. But now my DHCP won't work anymore (DHCP request failed on end devices). When I disable DHCP snooping, everything works again.
Context: This all takes place in Packet Traces, on a 2960 switch
My config looks like this (all fastethernet ports are end devices, g0/1 is connected to the DHCP server via some other switches):
Building configuration...
Current configuration : 2970 bytes
!
version 15.0
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Sw-Zw-Office-1
!
!
!
!
!
ip dhcp snooping vlan 10,20,50,100,150
ip dhcp snooping
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
switchport access vlan 10
ip dhcp snooping limit rate 10
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0060.3E05.7998
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/2
switchport access vlan 10
ip dhcp snooping limit rate 10
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0002.16BD.2461
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/3
switchport access vlan 20
ip dhcp snooping limit rate 10
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0090.215B.1C3D
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/4
switchport access vlan 20
ip dhcp snooping limit rate 10
switchport mode access
switchport voice vlan 150
switchport port-security
switchport port-security maximum 3
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0001.C7C1.6B70
switchport port-security mac-address sticky 0005.5E95.C343
spanning-tree portfast
spanning-tree bpduguard enable
mls qos trust cos
!
interface FastEthernet0/5
switchport access vlan 10
ip dhcp snooping limit rate 10
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0060.5C17.69BC
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
shutdown
!
interface GigabitEthernet0/1
switchport trunk native vlan 100
switchport trunk allowed vlan 10,20,50,100,150
ip dhcp snooping trust
switchport mode trunk
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
no ip address
shutdown
!
!
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
!
!
end
.jpg "VIP Expert"){kind=icon}
