12.2(44) DHCP snooping problems anyone?

Unanswered Question
May 15th, 2008

Anyone else having problems with DHCP snooping on 12.2(44)SE2? Seems to work fine on a 3550 but shuts down all dhcp (without saying it is dropping any packets) in a 3560-48-PS.

I'm interested to know if anyone else can verify this malfunction.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
andrew.butterworth Fri, 05/16/2008 - 02:07

I have had the same DHCP snooping configuration for a while and have had no problems moving from IOS 12.2(35)SE through to the latest 12.2(44)SE2. Are you sure you have trust configured on your uplinks and/or the interface where the DHCP server is?

It might be worth posting some bits of the config.


b.julin Fri, 05/16/2008 - 05:54

Yeah I'm sure of that, first thing I checked.

It kills DHCP entirely, not just on snooped VLANs.

I'm working up a stripped down config on a test switch now and will post that.

In the meantime, what platforms are you running it on -- as I said it seems to work fine on the 3550 EMI chassis I have, but not on a 3560 PoE switch, and now that I've started testing, not on a 2960G.

andrew.butterworth Fri, 05/16/2008 - 06:10

I have 3550's, 3560's & a 3750, all of which are running 12.2(44)SE2 and DHCP snooping is running fine on all of them.


andrew.butterworth Fri, 05/16/2008 - 06:21

Have you disabled option 82 insertion? If your DHCP server is Windows 2000/2003 then you need to disable this in global config:

no ip dhcp snooping information option

Apparently Windows 2008 DHCP will support this but nothing earlier.


b.julin Fri, 05/16/2008 - 06:45

OK, nevermind it wasn't the platform. It seems the problem is that if you are using scp:// for the database and the startup transfer fails, it hoses the DHCP snooping system entirely and probably cannot be fixed without a reboot.

Which is probably realted to the fact that you have to init dhcp snooping with a tftp:// database before you can even run an scp:// database.

I'm gonna go bug TAC on this one.


This Discussion