cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1526
Views
5
Helpful
18
Replies
Highlighted
Beginner

DHCP Snooping Issue

I'm trying to get DHCP snooping to work correctly.  The network clients are able to receive addresses from the DHCP server (2811 Router)  with no problem ,  but the DHCP snooping database bindings are not being entered in 2960 Cisco switch. I need  them to be entered to be able to utilize DAI.

Below is the output from the router.

R1#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name
10.11.16.51         0100.0ffe.e1ce.40       Mar 08 2015 01:13 PM    Automatic
10.11.16.52         0100.0ffe.e1cd.9c       Mar 08 2015 02:06 PM    Automatic
10.11.16.53         0178.acc0.9d60.7c       Mar 08 2015 02:06 PM    Automatic
10.11.16.82         01a0.481c.add0.5a       Mar 08 2015 02:05 PM    Automatic

Below are the outputs from the switch:

 

SW#sh ip dhcp snooping binding
MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
------------------  ---------------  ----------  -------------  ----  --------------------
Total number of bindings: 0

SW#sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
none
DHCP snooping is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
   circuit-id default format: vlan-mod-port
   remote-id: 04da.d2cd.1080 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface                  Trusted    Allow option    Rate limit (pps)
-----------------------    -------    ------------    ----------------

 

SW#sh ip dhcp snooping binding


MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
------------------  ---------------  ----------  -------------  ----  --------------------
Total number of bindings: 0

 

18 REPLIES 18
Highlighted

Hi Antonin,

I will definitely try disabling option-82 stuff and releasing/renewing the ip.

However, as I had told you earlier that I manually disabled a port connected to a host on the switch and after enabling it, the client received the ip from DHCP. Same thing I did by restarting the host, but this time ip wasn't received from DHCP.

 

Second thing: I see entries in show ip dhcp binding in the router but there are no entries in show ip dhcp snooping binding. On switch side too, I check show ip dhcp snooping binding and the entries are zero, I need my DHCP snooping binding table to be populated for using DAI.

Apart from your suggestions, do you think I should enable DHCNP snooping on router as well?

This is one router to one switch connectivity and yes all the hosts are connected on this switch only.

Highlighted

Hi,

Thanks for the reply. I am sorry to say that I have not noticed this before:

 Same thing I did by restarting the host, but this time ip wasn't received from DHCP.

If this is the case then there is a good reason there are no bindings. Option-82 or bugs are good candidates to be culprits. Please try as suggested and let me know.

Best regards,

Antonin

Highlighted

Hi Amikat,

Sorry for the long pause, lol. I have tried configuring "ip dhcp snooping information option allow-untrusted" and manually releasing the ip address with ipconfig/release but still the clients are not receiving ip if they're restarted.

Regards,

Faizan

Highlighted
Beginner

Dear Faizan Shaikh
on the switch just configure this command

no ip dhcp snooping information option

please rate if possible
Content for Community-Ad