I have a question about DHCP snooping. I want to enable this feature on two 6509 Catalyst switches that are doing Layer 3 Etherchannel towards the DHCP server and relaying DHCP requests by using the ip helper-address command. Here's the topology: http://img442.imageshack.us/img442/6159/dhcpsnoop.jpg
After reading a few articles, I'm still not sure where to put some of the commands to enable that feature Ð°nd I don't feel like experimenting on a live production network (unfortunately I can't lab it up). I was planning on issuing the following commands:
1) ip dhcp snooping information option (global conf mode) ---- to enable DHCP option-82 data insertion
2) ip dhcp snooping vlan 10 (global conf mode) ---- enables DHCP snooping on a VLAN
3) Then I need to configure DHCP trust state on the appropriate interfaces, but I can't apply the "ip dhcp snooping trust" command to the Port-Channel interfaces because there's no such command. So I figured I'd apply this command to the interfaces that compose the EtherChannel, but I can't do that either for the same reason. Do I really need to apply that command in my case?
4*) Some people say that I also need to apply the "ip dhcp relay information trusted" command to the SVI interface, but Cisco says the opposite -
"When DHCP snooping is enabled, these Cisco IOS DHCP commands are not available on the switch:
- ip dhcp relay information trusted interface configuration command
If you enter these commands, the switch returns an error message, and the configuration is not applied."
5) And, of course, I enable it by issuing the "ip dhcp snooping" command.
If anybody has any suggestions on how to enable DHCP snooping in my case or have the same setup up and running, your help will be greatly appreciated. Thanks.