IP DHCP snooping question

Answered Question
Nov 30th, 2009

Hi

We resently have a lot of log entrys in our switches regardig DHCP snooping. Like thise two:

007850: Nov 26 09:02:55.484 CET: %DHCP_SNOOPING-5-DHCP_SNOOPING_MATCH_MAC_FAIL: DHCP_SNOOPING drop message because the chaddr doesn't match source mac, message type: DHCPRELEASE, chaddr: 0016.4487.6527, MAC sa: 0017.422e.d204

007846: Nov 26 08:47:40.740 CET: %DHCP_SNOOPING-5-DHCP_SNOOPING_MATCH_MAC_FAIL: DHCP_SNOOPING drop message because the chaddr doesn't match source mac, message type: DHCPREQUEST, chaddr: 0016.4487.6527, MAC sa: 0017.422e.d204

What could cause this problem? The chaddr is the MAC of the wireless NIC and the MAC sa is the MAC of the "wired" NIC in the same machine.

Hope anyone can help.

Mikkel


I have this problem too.
2 votes
Correct Answer by Peter Paluch about 7 years 1 month ago

Hello,

The switch logging message basically says that the MAC address of the client contained in the chaddr (client hardware address) field in the DHCP message does not match the source MAC address of the frame in which the DHCP message is encapsulated. In other words, the interface for which the DHCP message was created does not match the interface through which the message was actually transmitted.

Is it possible that both the wireless and wired NIC in this machine are connected to the same network? If so then this is an issue of your operating system running on the machine - probably it uses both NICs and the NIC that transmitted the DHCP message was just not the one for which the DHCP packet was created. Note that it is not advisable for an ordinary PC or workstation to be connected by multiple NICs to the same network, as the operating systems usually are not capable of using both NICs appropriately.

Best regards,

Peter

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Peter Paluch Tue, 12/01/2009 - 04:28

Hello,

The switch logging message basically says that the MAC address of the client contained in the chaddr (client hardware address) field in the DHCP message does not match the source MAC address of the frame in which the DHCP message is encapsulated. In other words, the interface for which the DHCP message was created does not match the interface through which the message was actually transmitted.

Is it possible that both the wireless and wired NIC in this machine are connected to the same network? If so then this is an issue of your operating system running on the machine - probably it uses both NICs and the NIC that transmitted the DHCP message was just not the one for which the DHCP packet was created. Note that it is not advisable for an ordinary PC or workstation to be connected by multiple NICs to the same network, as the operating systems usually are not capable of using both NICs appropriately.

Best regards,

Peter

marcaccini Sun, 02/19/2012 - 18:07

Any recommendations on keeping the wireless NIC from begin active when the user's laptop is docked? We are currently using DELL Lattitude E6520's running Windows 7. I have found a few applications out there that will do this for a fee, but would ideally like to implement this without having to pay for a third party application. ( hard to justify a budget expense for 3,500 machines )

Actions

This Discussion

Related Content