Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
641
Views
0
Helpful
2
Replies

DHCP snooping etherchannel issue

Andy White
Level 3
Level 3

‎10-09-2013 03:00 AM - edited ‎03-07-2019 03:55 PM

Hello,

I have enabled IP DHCP snooping on 2 switches that are connetced to each other via an etherchannel using 2 ports.  On switch 1 it has the DHCP pool, but users on the 2nd switch couldn't get DHCP addresses eventough I added  the "ip dhcp snooping trust" command on both pots in the ehterchannel either side and the "no ip dhcp snooping information option".

What fixed it was adding the "ip dhcp snooping trust" commad on the port channel which I have never had to do before is this normal?

Thanks

Labels:
0 Helpful
2 Replies 2

Rolf Fischer
Level 9
Level 9

‎10-09-2013 03:16 AM

Hi Andy,

in simple terms, DHCP snooping allows a (edge)port to receive DHCP client traffic, which is Discover, Request, Release, Inform.

Received DHCP server traffic like Offer and Ack is dropped by DHCP snooping by default in order to prevent from rogue DHCP servers, so the real serverport(s) and the uplinks as well have to be trusted in order to allow DHCP server traffic (as the uplinks receive client- and server traffic).

HTH

Rolf

0 Helpful

Rolf Fischer
Level 9
Level 9
In response to Rolf Fischer

‎10-09-2013 03:32 AM 

What fixed it was adding the "ip dhcp snooping trust" commad on the port channel which I have never had to do before is this normal?

Yes. When you do a "show mac address-table" you'll see that MAC-addresses are learned on the port-channel interface, no on the physical member-ports.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card