ā01-14-2010 10:26 AM - edited ā03-06-2019 09:18 AM
Hi all,
I have 2650 Router acting as dhcp server and i have 2950 switch.
Config on router lan int
interface FastEthernet1/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
what i did today is config dhcp snooping on 2950t switch
ip dhcp snooping vlan 1
when i did on the switch and i restarted the pc it was unable to get the ip from router dhcp.
when i assign the static ip to pc it worked fine.
when i removed no ip dhcp snooping vlan 1 from switch config then my pc was able to get the ip address.
650# sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.1.2 0100.1641.e4ae.bc Jan 15 2010 11:12 AM Automatic
192.168.1.3 0100.1e33.92d5.7a Jan 15 2010 11:19 AM Automatic.
any body knows why enabling dhcp snooping caused this issue on my network that my pc was unable to get ip from dhcp server dynamicaly?
thanks
mahesh
Solved! Go to Solution.
ā01-14-2010 10:34 AM
mahesh18 wrote:
Hi all,
I have 2650 Router acting as dhcp server and i have 2950 switch.
Config on router lan int
interface FastEthernet1/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed autowhat i did today is config dhcp snooping on 2950t switch
ip dhcp snooping vlan 1
when i did on the switch and i restarted the pc it was unable to get the ip from router dhcp.
when i assign the static ip to pc it worked fine.
when i removed no ip dhcp snooping vlan 1 from switch config then my pc was able to get the ip address.
650# sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.1.2 0100.1641.e4ae.bc Jan 15 2010 11:12 AM Automatic
192.168.1.3 0100.1e33.92d5.7a Jan 15 2010 11:19 AM Automatic.any body knows why enabling dhcp snooping caused this issue on my network that my pc was unable to get ip from dhcp server dynamicaly?
thanks
mahesh
Mahesh
Did you configure the port that the router connects to as a trusted port ?
Jon
ā01-14-2010 10:50 AM
mahesh18 wrote:
Hi Jon,
i did not config the Router lan int fa1/0 as trusted port.
thanks
mahesh
Mahesh
See this doc for details -
You need to configure the router port as trusted ie. "ip dhcp snooping trust" and the other ports with clients as untrusted ie. "no ip dhcp snooping trust"
Jon
ā01-14-2010 10:34 AM
mahesh18 wrote:
Hi all,
I have 2650 Router acting as dhcp server and i have 2950 switch.
Config on router lan int
interface FastEthernet1/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed autowhat i did today is config dhcp snooping on 2950t switch
ip dhcp snooping vlan 1
when i did on the switch and i restarted the pc it was unable to get the ip from router dhcp.
when i assign the static ip to pc it worked fine.
when i removed no ip dhcp snooping vlan 1 from switch config then my pc was able to get the ip address.
650# sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.1.2 0100.1641.e4ae.bc Jan 15 2010 11:12 AM Automatic
192.168.1.3 0100.1e33.92d5.7a Jan 15 2010 11:19 AM Automatic.any body knows why enabling dhcp snooping caused this issue on my network that my pc was unable to get ip from dhcp server dynamicaly?
thanks
mahesh
Mahesh
Did you configure the port that the router connects to as a trusted port ?
Jon
ā01-14-2010 10:46 AM
Hi Jon,
i did not config the Router lan int fa1/0 as trusted port.
thanks
mahesh
ā01-14-2010 10:50 AM
mahesh18 wrote:
Hi Jon,
i did not config the Router lan int fa1/0 as trusted port.
thanks
mahesh
Mahesh
See this doc for details -
You need to configure the router port as trusted ie. "ip dhcp snooping trust" and the other ports with clients as untrusted ie. "no ip dhcp snooping trust"
Jon
ā01-14-2010 10:59 AM
Hi john
now i did config under switch
ip dhcp snooping vlan 1
ip dhcp snooping information option allow-untrusted
and after this i did release and renew ip from laptop.
then my pc was able to get ip from dhcp server which is router.
also under my router there is no option for
ip dhcp snooping ?
thanks
mahesh
ā01-14-2010 11:04 AM
Hi john
when i do
2950T# sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
it does not show any port under it?
do you know why is it like this
thanks
mahesh
ā01-14-2010 11:17 AM
hi john
thanks again
i did this now
under switch config
ip dhcp snooping vlan 1
and port that connects this switch to router
interface GigabitEthernet0/2
description Wan connection to Router
ip dhcp snooping trust
after this config i did ip release and renew and my pc was able to get the ip from dhcp server.
i did not config router lan interface as trusted one? is this ok
many thanks
mahesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: