dhcp snooping feature and vlan

Unanswered Question
Feb 1st, 2009

<p>Hi every body!</p>

<p> </p>

<p>!) If switch is configured with :</p>

<p> </p>

<p>ip dhcp snooping vlan 1</p>

<p>Will switch snoop on dhcp packets from  vlan 1 to dhcp server and vice  versa?</p>

<p> </p>

<p> </p>

<p> </p>

<p>2) if two switches  sw1 and sw2  have  vlan vlan 1 .  Both switches are configured with dhcp snoop feature.</p>

<p> </p>

<p>Will sw1 only builds it snooping database based on the  dhcp rellpies from dhcp server destined to host to vlans which connect to sw1 ot it will also builds its snooping database based on the replies sw2 forwarded to its host in vlan 1?</p>

<p> </p>

<p> </p>

<p> </p>

<p>My hunch is since dhcp server unicast the reply to appropitate relay agent. For example  dhcp receives the dhcp req from host in vlan 1 on sw1.Dhcp server will unicast the reply to sw1 so sw2 will not hear that reply  and can not build its snooping database based on the reply sw1 received.</p>

<p> </p>

<p>3) since dhcp snooping database relies on dhcp option 82   where relay agent adds info about the port(circuit id) which received the dhcp packet, that means dhcp snooping feture can only be implemented on a switch which is acting as relay agent for dhcp server. That also means the dhcp snooping feature can only be implemted on layer 3 or multilayer switch not layer 2 switch .Because layer 2 switch can not act as relay  agent for dhcp server.</p>

<p> </p>

<p> </p>

<p> </p>

<p>Is my understanding correct?</p>

<p> </p>

<p> </p>

<p> </p>

<p> Is it correct concept?</p>

<p>Thanks a lot!</p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sarahr202 Sun, 02/01/2009 - 17:13

Hi  every body!

I found some answers after the whole day of researching. I am posting them here for others who may have similar questions in mind.

) If switch is configured with :

ip dhcp snooping vlan 1

Will switch snoop on dhcp packets from  vlan 1 to dhcp server and vice  versa?

  Answ:

The Sw which is also relay agent, will snoop only on replies received from dhcp server  before unicasting them to thier respective host.

2) if two switches  sw1 and sw2  have  vlan1  .  Both switches are configured with dhcp snoop feature.

Will sw1 only builds its snooping database based on the  dhcp replies from dhcp server destined to host to vlans which are connected to sw1 or it will also builds its snooping database based on the replies sw2 forwarded to its host in vlan 1?

answ:

Since sw builds its snooping database  from dhcp ack replies on the local switch. So whatever dhcp ack sw2 receives will have no bearing on sw1's snooping database.

3) since dhcp snooping database relies on  relay option 82   where relay agent adds info about the port(circuit id) which received the dhcp message, that means dhcp snooping feature  can only be implemented on a switch which is acting as relay agent for dhcp server. That also means the dhcp snooping feature can only be implemented  on layer 3 or multilayer switch not layer 2 switch .Because layer 2 switch can not act as relay  agent for dhcp server.

answer:

 yes dhcp snooping can only be configured on dhcp relay agent.  . Since we need layer 3 interface to receive dhcp broadcast , so relay agent must be a router or layer 3/ multilayer switch. Layer 2 cannot acts as relay agent.


Thanks a lot!

Actions

This Discussion