Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
297
Views
0
Helpful
1
Replies

Help understanding Dynamic Arp Inspection

Andy White
Level 3
Level 3

‎01-23-2013 01:51 PM - edited ‎03-07-2019 11:16 AM

Hello,

I have 2 switches in my lab trunked.

1.) I have been testing DHCP snooping, the DHCP server is a Windows 2008 server off port fa 0/24 on switch 1 and on switch 2 I have a PC in port fa 0/24, both are in VLAN 6.  The PC gets an IP after I trusted all trunk ports.  Now should one of the switches build a DHCP snooping database as mine are empty, I wou;d expect the IP and MAC to be visable for my PC and DHCP server?  I ask as when I turned on DAI on both switches the PC went down and the dhcp server. 

2.) Will the DHCP snooping database that DAI uses only build if the switch is running DHCP and not a remote DHCP like mine?

It all started to work when I added the "ip arp inspection trust" on the switche 1's trunk port and the port to the DHCP server.

Seems like DHCP and DAI is an art form.  If that DHCP snooping database is not updating then all hell can break loose.

I hope someone can shed some light.

Thanks

Labels:
0 Helpful
1 Reply 1

acampbell
VIP Alumni
VIP Alumni

‎01-23-2013 02:07 PM

Andy,

Have a look at the pdf on this link.

https://learningnetwork.cisco.com/docs/DOC-2314

DHCP Snooping & DIA

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.
0 Helpful
Customers Also Viewed These Support Documents