Okay, So I have a bunch of 2960 edge devices that all have DHCP snooping and port security enabled (standard configurations, no sticky mac's but a 5 address limit on the interfaces I'm having trouble with, configs below). I also have a number of Small Business 8 port switches dotted around the place to increase port capacity (under tech's desks mostly). The problem arises in the following situation; There are 2 2960's, 2960-1 and 2960-2. Attached to 2960-1 are two unmanaged 8 port SB switches, switchA and switchB. When wiring a laptop into switchA everything is cool, DHCP address is assigned and everything is happy, however, when that device is then patched into switchB, the mac address table, port-security cache and DHCP snooping bindings table do not update, and since port security is nailing all macs to SecureDynamic (which in the CAM appears as STATIC), this is not surprising. I clear the port security address table, clear the CAM table for the relevant interface and clear the ip dhcp binding for the address in question and still nothing, laptop see's the connection but DHCP resolutely refuses to pick up an address. Wireshark confirms that the laptop is sending out the DHCP discover messages but nothing comes back. The only way to get the device talking again is to patch it into the original cable in switchA. Patch the device into 2960-2 however and everything is cool. #update Also, if a static address is assigned the problem disappears, predictably. I'm pretty sure that the problem stems from these unmanaged switches but need to know if I'm missing something vital. Any help is much appreciated! relevant config; ip dhcp snooping vlan 2002,2026 ip dhcp snooping network-policy profile 2026 voice vlan 2026 interface GigabitEthernet3/0/1 description EDGE PORT switchport access vlan 2002 switchport mode access switchport port-security maximum 5 switchport port-security network-policy 2026 srr-queue bandwidth share 1 30 35 5 priority-queue out mls qos trust cos macro description EDGE auto qos trust storm-control broadcast level bps 5m 2m storm-control multicast level bps 30m 20m storm-control action shutdown storm-control action trap spanning-tree portfast spanning-tree bpduguard enable Thanks again!
... View more