09-06-2023 11:44 PM
Doing a lab
PC1 and PC2 wont get DHCP address if I have
"no ip dhcp snooping trust" configured on e0/1 and e0/3
as soon as I configure ip dhcp snooping trust they get addresses from the server
however this defeats the purpose of the lab and the dhcp snooping trust feature
Any ideas?
I'm thinking an IOS bug in GNS3, not sure.
hostname IOU2
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
!
!
!
!
!
no ip icmp rate-limit unreachable
!
!
!
ip dhcp snooping vlan 1-2084
no ip dhcp snooping verify mac-address
ip dhcp snooping
no ip domain-lookup
ip cef
no ipv6 cef
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
switchport nonegotiate
ip arp inspection trust
ip dhcp snooping trust
!
interface Ethernet0/1
switchport access vlan 210
switchport mode access
ip arp inspection trust
ip dhcp snooping limit rate 100
ip dhcp snooping information option allow-untrusted
!
interface Ethernet0/2
no switchport
ip address dhcp
duplex auto
!
interface Ethernet0/3
switchport access vlan 220
switchport mode access
ip arp inspection trust
ip dhcp snooping limit rate 100
!
interface Vlan1
no ip address
shutdown
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
when i switch these to
interface Ethernet0/3
switchport access vlan 220
switchport mode access
ip arp inspection trust
ip dhcp snooping limit rate 100
ip dhcp snooping trust
!
the PC gets an address....
09-07-2023 12:22 AM
What is your image version? This might be your IOL image bug, its limitation or lack of this feature. Note that not all features are supported in those virtual images even thou the command works. as I recall, 2nd release of Iron IOL image supported dhcp snooping.
Regards, ML
**Please Rate All Helpful Responses **
09-07-2023 12:23 AM
For the access port wherer the end device connected you do not need dhcp snooping config.
you can configure globally.
check below guidance :
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide