DHCP Snooping Lab Question

dcanady55 · ‎04-21-2016

I have a home lab setup with 2 2960's and 1 2921. I setup the router with a DHCP scope 10.10.10.0/24

Switch A is connected to Switch B and switch B to the router. Connectivity is working between all devices and before I turned on DHCP snooping on A I had no issue receiving an IP from the router while plugged into A.I excepted to not get an address when I enabled DHCP snooping on A as I didn't make the trunk port a trusted port. What I wanted to see was the DHCP snooping stats and see packets dropped from untrusted ports. I only saw counters increase on the packets forward category. I did a wireshark capture and saw DHCP packets getting to the trunk port and assume make it's way through as those are legitimate DHCP packets allowed. However, I figured when the router tried replying to my pc those packets would get dropped and logged. This didn't happen and I'm not sure why?

After, I didn't get the results I expected to see I removed all my dhcp snooping on A and tried to get a new IP from the router. I cannot pull a new IP from the router. Again, I spanned the trunk and saw DHCP getting to the trunk port but the router is not responding. Connectivity from A to the router is still there and nothing changed in terms of vlans or anything else that I'm aware of.

Thanks,

dukenuk96 · ‎04-21-2016

DHCP snooping may not be logged by default, you will need to enable debug messages for this feature to see what is dropped and what is allowed.

If you removed all snooping configurations from all your devices in lab, double check if it is really so. If you will not find anything that would prevent DHCP to work, just reload you lab, including lab engine itself. If it does not help too, show your network diagram with port numbers and share full devices configs.