Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2024
Views
5
Helpful
1
Replies

DHCP Snooping Syslog messages

tjreeddoc
Level 1
Level 1

‎04-26-2016 05:09 PM - edited ‎03-08-2019 05:30 AM

All,

Should I receive a syslog message when a DHCP Snooping violation occurs?

I just configured DHCP Snooping on a Cisco 3850 switch running 3.6.4.  When a rogue DHCP server responds to a DHCP discovery broadcast, the switch drops packet and the drops increase in the show ip dhcp snooping statistics.  However, I do not see a new entry in the logs.  Should I see one?

 

When I have the following debugs on,

ip dhcp snooping packet

ip dhcp snooping event

I see the following in the logs:

DHCP_SNOOPING_SW: bridge packet output port set is null, packet is dropped.

 

Thank you,

 

 

T.J.

1 person had this problem
Labels:
0 Helpful
1 Reply 1

TM13
Level 1
Level 1

‎10-15-2016 07:37 PM

 show ip dhcp snooping bindings

have you tried -

  ()ip dhcp snooping vlan x smartlog

and you should receive the log on syslog server!

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card