DHCP snooping just stops working

Unanswered Question
Oct 28th, 2009
User Badges:
  • Bronze, 100 points or more

Hi all,

We are using DHCP snooping already for 2 years and since last week, we have experienced DHCP problems on at least 3 Access switches. We are running 12.2(35)SE2 on C3750 stacks. When i do a debug ip dhcp snooping packets, i always see the same:

002556: Oct 28 13:24:03.496 CET: DHCP_SNOOPING: process new DHCP packet, message type: DHCPDISCOVER, input interface: Fa2/0/17, MAC da: ffff.ffff.ffff, MAC sa: 001f.ca28.da4c, IP da:, IP sa:, DHCP ciaddr:, DHCP yiaddr:, DHCP siaddr:, DHCP giaddr:, DHCP chaddr: 001f.ca28.da4c

002557: Oct 28 13:24:03.496 CET: DHCP_SNOOPING: add relay information option.

002558: Oct 28 13:24:03.504 CET: DHCP_SNOOPING: binary dump of relay info option, length: 30 data:

0x52 0x1C 0x1 0x8 0x1 0x6 0x44 0x54 0x41 0x31 0x31 0x35 0x2 0x10 0x1 0xE 0x53 0x41 0x45 0x4E 0x44 0x43 0x41 0x30 0x37 0x42 0x30 0x30 0x41 0x41

002559: Oct 28 13:24:03.504 CET: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (115)

002560: Oct 28 13:24:03.504 CET: DHCP_SNOOPING_SW: bridge packet output port set is null, packet is dropped.

Especially the "bridge packet output port set is null, dropped" worries me. It seems the switch doesn't know anymore that the uplink trunks are part of the vlan and that the packets should be flooding to the uplink trunks...(or course the uplink interfaces are configured as "ip dhcp snooping trust", like i said, it has been running fine for months. Maybe it has something to do with the daylight savings time that has changed last week ? Or bug ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Peter Paluch Fri, 10/30/2009 - 15:06
User Badges:
  • Cisco Employee,

Hello Geert,

This looks more like bug that anything else. Sorry for asking such a stupid question but if it is possible for you to restart the stack completely, would you mind doing it and testing if the problem goes away?

Is it absolutely sure that nothing even remotely related could have changed in the configuration recently?

Best regards,



This Discussion