cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
197
Views
0
Helpful
1
Replies

DHCP snooping not work after cross over layer 3

john_lee
Level 1
Level 1

Hi, I have setup a network as per diagram attach and turn on DHCP snooping on access layer switch and distribution switch. After configure, an issue is all users at access switch are not able to get IP address. Can I know is it I need to configure DHCP snooping at Server farm switches and also trust the DHCP server? If yes, can I know how to configure the DHCP snooping over layer 3?

Here is the configure at access layer and distribution switch

Access layer

----------------

ip dhcp snooping

ip dhcp snooping vlan <vlan id>

no ip dhcp snooping information option

ip dhcp snnoping database flash:dhcp.txt

Up link port

-------------

interface port-channel<Number>

 description <description>

 switchport mode trunk

ip dhcp snooping trust

 

Physical port for up link

-----------------------------

interface TenGigabitEthernet<port number>

 description <description>

 switchport mode trunk

ip dhcp snooping trust

 channel-group <Number> mode active

End host port

----------------

interface GigabitEthernet<port number>

 description <description>

 switchport mode access

 switchport access vlan <ID>

 switchport voice vlan <ID>

 ip dhcp snooping limit rate 10

Distribution Switch

---------------------------

ip dhcp snooping

ip dhcp snooping vlan <vlan id>

no ip dhcp snooping information option

ip dhcp snnoping database bootdisk:dhcp.txt

Up link port

-------------

interface port-channel<Number>

 description <description>

 switchport mode trunk

ip dhcp snooping trust

 

Physical port for up link

-----------------------------

interface TenGigabitEthernet<port number>

 description <description>

 switchport mode trunk

ip dhcp snooping trust

 channel-group <Number> mode active

I also insert this 3 command at access switch and distribution switch, but it also not work

ip dhcp snooping information option allow-untrusted

ip dhcp snooping database write-delay 30
ip dhcp snooping database timeout 30

Thanks,

 John

1 Reply 1

Hello,

this should work as designed. Have you configured your access ports with 'spanning-tree portfast', and (optionally, depending on your network design) the trunk ports with 'spanning-tree portfast trunk' ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: