Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
387
Views
0
Helpful
2
Replies

IP DHCP Snooping

Andrew White
Level 2
Level 2

‎04-18-2013 05:21 AM - edited ‎03-07-2019 12:53 PM

Hello,

i have enabeld DHCP snooping on a switch:

ip dhcp snooping vlan 10

ip dhcp snooping

Then plugged in a Cisco router (fa 0/2) that has a DHCP scope and then did an "ipconfig /release" then "ipconfig /renew" and the laptop doesn't get an IP, great.

However the table shows nothing, should I see fa 0/2 as trusted = no?

Switch#sh ip dhcp snooping

Switch DHCP snooping is enabled

DHCP snooping is configured on following VLANs:

10

DHCP snooping is operational on following VLANs:

10

DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled

   circuit-id default format: vlan-mod-port

   remote-id: 0022.0db8.2c00 (MAC)

Option 82 on untrusted port is not allowed

Verification of hwaddr field is enabled

Verification of giaddr field is enabled

DHCP snooping trust/rate is configured on the following Interfaces:

Interface                  Trusted    Allow option    Rate limit (pps)

-----------------------    -------    ------------    ----------------

Switch#

Thanks

Labels:
0 Helpful
2 Replies 2

cadet alain
VIP Alumni
VIP Alumni

‎04-18-2013 05:26 AM

Hi,

However the table shows nothing, should I see fa 0/2 as trusted = no?

No, by dfefault all ports are untrusted and you should put the uplink interfaces to valid DHCP server as trusted with the interface command ip dhcp snooping trust

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Andrew White
Level 2
Level 2
In response to cadet alain

‎04-18-2013 05:52 AM

How can I find out if a rougue DHCP server is ever installed?

0 Helpful
Customers Also Viewed These Support Documents