02-01-2009 07:19 AM - edited 03-06-2019 03:47 AM
<p>Hi every body!</p>
<p> </p>
<p>!) If switch is configured with :</p>
<p> </p>
<p>ip dhcp snooping vlan 1</p>
<p>Will switch snoop on dhcp packets from vlan 1 to dhcp server and vice versa?</p>
<p> </p>
<p> </p>
<p> </p>
<p>2) if two switches sw1 and sw2 have vlan vlan 1 . Both switches are configured with dhcp snoop feature.</p>
<p> </p>
<p>Will sw1 only builds it snooping database based on the dhcp rellpies from dhcp server destined to host to vlans which connect to sw1 ot it will also builds its snooping database based on the replies sw2 forwarded to its host in vlan 1?</p>
<p> </p>
<p> </p>
<p> </p>
<p>My hunch is since dhcp server unicast the reply to appropitate relay agent. For example dhcp receives the dhcp req from host in vlan 1 on sw1.Dhcp server will unicast the reply to sw1 so sw2 will not hear that reply and can not build its snooping database based on the reply sw1 received.</p>
<p> </p>
<p>3) since dhcp snooping database relies on dhcp option 82 where relay agent adds info about the port(circuit id) which received the dhcp packet, that means dhcp snooping feture can only be implemented on a switch which is acting as relay agent for dhcp server. That also means the dhcp snooping feature can only be implemted on layer 3 or multilayer switch not layer 2 switch .Because layer 2 switch can not act as relay agent for dhcp server.</p>
<p> </p>
<p> </p>
<p> </p>
<p>Is my understanding correct?</p>
<p> </p>
<p> </p>
<p> </p>
<p> Is it correct concept?</p>
<p>Thanks a lot!</p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
02-01-2009 05:13 PM
Hi every body!
I found some answers after the whole day of researching. I am posting them here for others who may have similar questions in mind.
) If switch is configured with :
ip dhcp snooping vlan 1
Will switch snoop on dhcp packets from vlan 1 to dhcp server and vice versa?
Answ:
The Sw which is also relay agent, will snoop only on replies received from dhcp server before unicasting them to thier respective host.
2) if two switches sw1 and sw2 have vlan1 . Both switches are configured with dhcp snoop feature.
Will sw1 only builds its snooping database based on the dhcp replies from dhcp server destined to host to vlans which are connected to sw1 or it will also builds its snooping database based on the replies sw2 forwarded to its host in vlan 1?
answ:
Since sw builds its snooping database from dhcp ack replies on the local switch. So whatever dhcp ack sw2 receives will have no bearing on sw1's snooping database.
3) since dhcp snooping database relies on relay option 82 where relay agent adds info about the port(circuit id) which received the dhcp message, that means dhcp snooping feature can only be implemented on a switch which is acting as relay agent for dhcp server. That also means the dhcp snooping feature can only be implemented on layer 3 or multilayer switch not layer 2 switch .Because layer 2 switch can not act as relay agent for dhcp server.
answer:
yes dhcp snooping can only be configured on dhcp relay agent. . Since we need layer 3 interface to receive dhcp broadcast , so relay agent must be a router or layer 3/ multilayer switch. Layer 2 cannot acts as relay agent.
Thanks a lot!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide