We resently have a lot of log entrys in our switches regardig DHCP snooping. Like thise two:
007850: Nov 26 09:02:55.484 CET: %DHCP_SNOOPING-5-DHCP_SNOOPING_MATCH_MAC_FAIL: DHCP_SNOOPING drop message because the chaddr doesn't match source mac, message type: DHCPRELEASE, chaddr: 0016.4487.6527, MAC sa: 0017.422e.d204
007846: Nov 26 08:47:40.740 CET: %DHCP_SNOOPING-5-DHCP_SNOOPING_MATCH_MAC_FAIL: DHCP_SNOOPING drop message because the chaddr doesn't match source mac, message type: DHCPREQUEST, chaddr: 0016.4487.6527, MAC sa: 0017.422e.d204
What could cause this problem? The chaddr is the MAC of the wireless NIC and the MAC sa is the MAC of the "wired" NIC in the same machine.
Hope anyone can help.
The switch logging message basically says that the MAC address of the client contained in the chaddr (client hardware address) field in the DHCP message does not match the source MAC address of the frame in which the DHCP message is encapsulated. In other words, the interface for which the DHCP message was created does not match the interface through which the message was actually transmitted.
Is it possible that both the wireless and wired NIC in this machine are connected to the same network? If so then this is an issue of your operating system running on the machine - probably it uses both NICs and the NIC that transmitted the DHCP message was just not the one for which the DHCP packet was created. Note that it is not advisable for an ordinary PC or workstation to be connected by multiple NICs to the same network, as the operating systems usually are not capable of using both NICs appropriately.