Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
817
Views
2
Helpful
4
Replies

DHCP_SNOOPING drop message

Go to solution
Mlex1
Spotlight
Spotlight

‎03-03-2026 09:12 PM

Hello every one, i see logs on ISP port, port connected to my switch 

008973: Mar 4 09:24:39.305: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPOFFER, MAC sa: 789a.18ba.23df
008974: Mar 4 09:26:09.528: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 5087.89b2.7ed0
008975: Mar 4 09:29:28.110: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 707d.b984.8a30
008976: Mar 4 09:31:15.681: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 5087.89b2.7ed0
008977: Mar 4 09:34:39.314: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPOFFER, MAC sa: 789a.18ba.23df
008978: Mar 4 09:38:18.986: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 5087.89b2.8004
008979: Mar 4 09:41:15.674: %DHCP_SNOOPING-5-DHCP_SNOOPING_UNTRUSTED_PORT: DHCP_SNOOPING drop message on untrusted port, message type: DHCPNAK, MAC sa: 5087.89b2.7ed0

when i checking uplink port i see mac address more then 1700 mac address

i should type ticket to ISP or solve local problem

 

Wish all the best
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎03-03-2026 09:30 PM

Hello @Mlex1 

ISP is delivering a shared L2 network ? Is it an IXP ?

Open a case to your ISP support.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
M02@rt37
VIP
VIP

‎03-03-2026 09:30 PM

Hello @Mlex1 

ISP is delivering a shared L2 network ? Is it an IXP ?

Open a case to your ISP support.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

Go to solution
Mlex1
Spotlight
Spotlight
In response to M02@rt37

‎03-03-2026 09:38 PM

Hello 

ISP is delivering a shared L2 network ? i guess yes 

Is it an IXP ? not 

Open a case to your ISP support. understood 

 

Wish all the best
0 Helpful

Go to solution
David Ruess
VIP
VIP

‎03-03-2026 10:15 PM

Hello,
>From the output it appears the ISP network is sending DHCP Offer messages on that port to your network. Are clients supposed to be getting their IP addresses from the ISP DHCP server? If so you need to make the port trusted. If not then contact the ISP to see if they have a DHCP server sending your clients Offer messages. You may also check your clients to see if they are requesting the DHCP IP. I dont know a DHCP server will send erroneous DHCP offers unless specifically asked or clients are up for renewal. 
-David 

Go to solution
Mlex1
Spotlight
Spotlight
In response to David Ruess

‎03-04-2026 04:00 AM

Hello 

Are clients supposed to be getting their IP addresses from the ISP DHCP server? not 

f not then contact the ISP to see if they have a DHCP server sending your clients Offer messages.  already send teckit to isp

Wish all the best
Customers Also Viewed These Support Documents