05-06-2010 10:46 AM - edited 03-06-2019 10:58 AM
Hello,
I would like to implement the DHCP snooping function between a cat4510 (named switch A) with one DHCP server connected to it (vlan_dhcp_server), and an access switch (named switch E, DHCP client on vlan_dhcp_client) also connected through several switches (named switch B, switch C, switch D) to switch E.
The DHCP client and DHCP server are not on the same VLANs (there is a router).
On switch A:
the interface to the DHCP server is in trusted mode
the interface to the router is in trusted mode
DHCP snooping is activated on VLAN vlan_dhcp_client even if there is no client directly connected
On switch E:
no DHCP snooping definition
On switches B, C and D:
no DHCP definition
On the router (a cat4500 switch also acting as a router):
the interface to switch A is in trusted mode, but DHCP snooping isn't running/activated
Questions:
1) Do I also have to implement DHCP snooping on all switches between switch A and switch E (B, C, and D)?
(with a trusted interface to switch A, and activation on vlan_dhcp_client)
2) On the router:
Do I also have to enable DHCP snooping globally on the router, even if there is no client from any VLAN directly connected to the router (it is a cat4500 box)?
ip dhcp snooping
Still on the switch-router box, do I have to implement DHCP snooping on vlan_dhcp_client even if there is no client directly connected to this box?
ip dhcp snooping vlan <vlan_dhcp_client>
Regards,
05-14-2010 06:18 AM
The DHCP snooping feature can't be considered a domain-wide implementation like VTP. As you might be aware, the DHCP snooping binding database is stored locally on the switch, so I'm sure that you need not enable DHCP snooping all along the way.
What you can do is enable DHCP snooping for the VLAN on the switch where the client is connected, make that port untrusted and the uplink from the upstream switch trusted, and check for the DHCP snooping binding or database on the local switch, which makes sense to me.
What I believe is that such features cannot be deployed in a campus in one go, given the size... so it's practical to say you can deploy it on one switch, and the server may reside on another network separated by several devices, switches or routers.
HTH
Hitesh Vinzoda
Note : Please rate helpful posts
05-19-2010 06:49 AM
Hello,
Thank you for the answer. Yes, I think like you. I then went on testing: DHCP snooping is running OK on switch A, with no DHCP function on switches B, C, D and E. The last problem I met on switch A is in fact related to option 82.
Regards,
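
The access-switch setup described in the reply above (snooping enabled for the client VLAN, client port untrusted, uplink trusted, then a check of the binding table), together with the option 82 behaviour mentioned in the last post, as an added Cisco IOS configuration example that is not part of the original thread. VLAN 20, the interface names and the rate-limit value are constructed placeholders.

```cisco
! Constructed example: VLAN 20 stands in for vlan_dhcp_client,
! interface names and the rate limit are placeholders.
!
! Enable DHCP snooping globally, then only for the client VLAN.
ip dhcp snooping
ip dhcp snooping vlan 20
!
! Uplink toward the upstream switch (the path to the DHCP server):
! trusted, so server replies (OFFER/ACK) arriving here are accepted.
interface GigabitEthernet1/1
 description uplink to upstream switch
 ip dhcp snooping trust
!
! Client-facing access port: untrusted is the default, so there is no
! trust command. DHCP server messages received here are dropped, and
! the rate limit caps DHCP packets per second from the client.
interface GigabitEthernet2/1
 description DHCP client port
 switchport mode access
 switchport access vlan 20
 ip dhcp snooping limit rate 15
!
! Option 82: with snooping enabled, the switch inserts option 82 into
! client requests by default. If the upstream relay or server does not
! accept such packets, either stop the insertion on this switch:
!   no ip dhcp snooping information option
! or let the Cisco IOS relay agent accept them:
!   ip dhcp relay information trust-all
!
! Verification (exec mode):
!   show ip dhcp snooping
!   show ip dhcp snooping binding
```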