Showing results for 
Search instead for 
Did you mean: 

IP DHCP snooping, IP source Guard, and DIA

Maher Shaban
Level 1
Level 1

Hi All,

I have Configured DHCP snooping and IP source guard and Dynamic arp inspection on my 3560 and 3750 Network Switches,

on both of them I'm facing that issue. (the printers and access points are configured to get ip addresses via DHCP), but when the lease time expires, they don't get ip addresses, and become unreacheable.

while all other clients get thier ip addresses normally

below you can find the Configuration configuration

ip dhcp snooping vlan 98,105,111

no ip dhcp snooping information option

ip dhcp snooping database flash:dhcpsnooping

ip dhcp snooping database write-delay 15

ip dhcp snooping

ip arp inspection vlan 98,105,111

ip verify trust on all access ports including printers and access point ports

all access ports are DHCP snooping untrusted

also when I create a static dhcp snooping binding record for these devices on the switch it resolves the Issue, but when I reload the switch it's removed automatically.

any resolution will be much appreciated.



5 Replies 5

Jeff Van Houten
Level 5
Level 5

I assume the answer is yes, but do you have at least one of the switch ports configured with ip dhcp snooping trusted?

Sent from Cisco Technical Support iPad App

Sure, I've the trunk port that directs traffic to the DHCP server is trusted.



Cisco Employee
Cisco Employee

You need to trust the source of your DHCP server, run debug ip dhcp events and you will see.

Sent from Cisco Technical Support iPad App


I've the trusted port configured, all the clients get ip address and work normally, except for printers and Access point.

I tried to configure static binding, so they work. they doesn't work without static binding. and they are configure to get ip addresses from the DHCP also.

is that a bug or something else?



Review Cisco Networking for a $25 gift card