enabling snooping database agent - how to write /directory/file for tftp

Unanswered Question
Nov 4th, 2008

I am trying to enable the snooping database agent with the following command on a cisco 2960.

ip dhcp snooping database tftp://192.168.100.109/c/sw1.txt.

On the tftp server with the above address, I created the sw1.txt file in the root of the c: directory. I launched the tftp server service, but the file is not being updated. Is my format for the directory/file correct?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
murray-davis Wed, 11/05/2008 - 06:53

Hi, Giuseppe

Sorry, still no go. I have used two tftp servers: Tftpd32 and Quick TFTP Server Pro, setting the default path for both to c:\. I created the sw1.txt file in this path and then configured the switch with: ip dhcp snooping database tftp://192.168.100.109/sw1.txt. I can ping this workstation from the switch so I know that I have connectivity. However, the database is still not being written to the tftp server.

murray-davis Wed, 11/05/2008 - 07:21

Hi, Giuseppe

I issued the following command and the output is as follows:

ncorpsw18#sh ip dhcp snoop data

Agent URL : tftp://192.168.100.109/sw1.txt

Write delay Timer : 300 seconds

Abort Timer : 300 seconds

Agent Running : No

Delay Timer Expiry : Not Running

Abort Timer Expiry : Not Running

Last Succeded Time : None

Last Failed Time : None

Last Failed Reason : No failure recorded.

Total Attempts : 0 Startup Failures : 0

Successful Transfers : 0 Failed Transfers : 0

Successful Reads : 0 Failed Reads : 0

Successful Writes : 0 Failed Writes : 0

Media Failures : 0

Giuseppe Larosa Thu, 11/06/2008 - 01:20

Hello Murray,

the output shows that the switch has never tried to transfer the dhcp bindings to the TFTP server:

Total Attempts : 0 Startup Failures : 0

Successful Transfers : 0 Failed Transfers : 0

assure you have a non empty dhcp snooping table

use

sh ip dhcp snooping binding

see

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_40_se/configuration/guide/swdhcp82.html#wp1282651

you can force a write with:

ip dhcp snooping database write-delay seconds

Hope to help

Giuseppe

murray-davis Thu, 11/06/2008 - 12:19

There are two entries in the binding. I set the write-delay to 30 seconds and still no go. I have connectivity and I know the tftp server is working because I can redirect a sh command and create a file on the tftp server.

I wonder if there is a debug command that I could use...

r.heitmann Fri, 03/06/2009 - 04:39

same configuration, same effect here.

i can ping the tftp server and upload/download files, but the nice switch doesn't even try to write the snooping-database.

murray-davis Fri, 03/06/2009 - 09:44

Hi, r.

I thought that I had posted a follow-up to this thread, maybe it was in another thread. What I ended up doing was removing completely dhcp snooping from the switch and then adding it back on. I believe the order is important. The last step was configuring the uplink interface to be in dhcp snooping trust.

murray-davis Fri, 03/06/2009 - 09:53

Hi,r.

re-read your post. Here is a sample path.

ip dhcp snooping database tftp://10.10.100.14/sw31.txt

Now, on the tftp server, I have a folder named: c:\dhcpsnoop. Note, that my database path on the switch doesn't reference this path. That is because I use WinAgents TFTP Server. In that software, I define the root path (\) as c:\dhcpsnoop. I would think other TFTP servers would be configured the same. So, you should not have to specify the path/directory on the switch, just provide the IP address and the database name.

r.heitmann Fri, 03/06/2009 - 10:00

hmm, i can't find the difference makes it fail:

ASW-07#show run | inc snoo

ip dhcp snooping vlan 1,307,607,807,1107,1407,1507,1607,1807,2007,2107,2207

ip dhcp snooping database tftp://192.168.1.101/DHCP.DAT

ip dhcp snooping database write-delay 15

ip dhcp snooping

int gig 1/0/23

ip dhcp snooping limit rate 192

ip dhcp snooping trust

ASW-07#copy run tftp://192.168.1.101/test.cfg

Address or name of remote host [192.168.1.101]?

Destination filename [test.cfg]?

!!

17559 bytes copied in 2.349 secs (7475 bytes/sec)

ASW-07#copy tftp://192.168.1.101/test.cfg flash:

Destination filename [test.cfg]?

Accessing tftp://192.168.1.101/test.cfg...

Loading test.cfg from 192.168.1.101 (via Vlan1607): !

[OK - 17559 bytes]

17559 bytes copied in 0.797 secs (22031 bytes/sec)

murray-davis Fri, 03/06/2009 - 10:25

Here is my complete config:

ip dhcp snooping vlan 2

no ip dhcp snooping information option

ip dhcp snooping database tftp://10.10.100.14/sw31.txt

ip dhcp snooping

Then on the uplink interface:

interface GigabitEthernet0/1

switchport mode trunk

ip dhcp snooping trust

I have dhcp snooping running at one site on over 100 switches.

So, my config is very similar to yours, except that you use a limit rate and write-delay.

You obviously can communicate with the tftp server since you can copy your flash. I just know that the dhcp is very particular about the path. I suggest experimenting with the location of "dhcp.dat" on your TFTP server. Put it in the install folder of your server, in the root directory, etc. I suggest that you make the path modifications on the TFTP server, not on the switch. Just provide the IP and name of the database file on the switch.

Here are some good commands:

sh ip dhcp snoop bind

sh ip dhcp snoop binding

sh ip dhcp snoop data

renew ip dhcp snoop data tftp://10.10.100.14/sw31.txt

sh ip dhcp snooping database

sh ip dhcp snooping database detail

clear ip dhcp snoop bind

clear ip dhcp snooping database statistics

Actions

This Discussion