Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
320
Views
0
Helpful
1
Replies

DHCP snooping

NorthgateIS
Level 1
Level 1

‎10-10-2007 07:34 AM - edited ‎03-05-2019 07:00 PM

Trying to run DHCP snooping on a 2960. Using DOT1X to assign PC's into VLAN's for healthy, quarantine, guest etc but only VLAN 1 has an interface and IP address assigned.

When trying to use the "ip dhcp snooping vlan XXX" command the VLANs are shown in the config but doing a show ip dhcp snooping only ever shows VLAN 1.

Anyone aware of a way to resolve this apart from adding VLAN interfaces and possibly ip addresses to them?

Thanks

Labels:
0 Helpful
1 Reply 1

bjw
Level 4
Level 4

‎10-10-2007 11:12 AM

There's Dynamic VLAN membership DVMP.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35sa6/eescg/mascvmps.htm

But remember, DVMP is used to ensure specific Layer 2 addresses are assigned to specific VLANS. And the VLANS have to exist. (Vlan 1 always exists).

If you are using multiple VLANS you might want to make 1 upsteam Layer 2 device a VTP domain server, there you would create all the vlan interfaces with you need, and use VTP clients to shake the vlans down to down-stream switches.

So to answer your question, yes a VLAN is a Layer 2 broadcast domain and must exist somewhere if it is to be used, you don't have to give it an IP address but I really can't imagine many reason I would keep things strictly at layer 2. That of course depends on your IP addressing schema and physical architecture.

Bill

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card