DHCP Snooping Problem

Answered Question
May 24th, 2010

Hi All:

I have some problems once i enable dhcp snooping on my switches.

The dhcp server is other site, connect via layer 3 link to my core switch (vss cat65)

All edge switches(cat45) are using trunk link connect to my core switch. all vlan terminates on core switch, ip helper point to dhcp server.

i only enable the dhcp snooping feature on my edge switches (cat45), trunk link put in trust mode, user port put limit rate 15.  Then no user can get ip address. if i disable dhcp snooping, everything back to normal.

the command i have used.

-----------------------------------------------------------

ip dhcp snooping

ip dhcp snooping vlan [user vlan id]

interface gi 1/1 [uplink]

switch mode trunk

ip dhcp snooping trust

interface 2/1 [user port]

swi mode access

swi access vlan [user vlan id]

ip dhcp snooping limit rate 15

-------------------------------------------------------------

i thought the dhcp snooping feature is localized. no need to enable end-to-end.

thanks for your help in advance.

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 6 years 6 months ago

Hello Jason,

you may need to add a command in order to make DHCP relay function to work correctly

see

>> If you are enabling trunking on uplink gigabit  interfaces, and the above routing configuration is defined on a  Catalyst 6500 series switch, you must configure the "trust" relationship  with downstream DHCP Snooping (on a Catalyst 4500 series switch) which  adds Option 82. On a Catalyst 6500 series switch, this task is  accomplished with ip dhcp relay information trusted VLAN  configuration command.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/dhcp.html#wp1073418

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Giuseppe Larosa Tue, 05/25/2010 - 02:05

Hello Jason,

you may need to add a command in order to make DHCP relay function to work correctly

see

>> If you are enabling trunking on uplink gigabit  interfaces, and the above routing configuration is defined on a  Catalyst 6500 series switch, you must configure the "trust" relationship  with downstream DHCP Snooping (on a Catalyst 4500 series switch) which  adds Option 82. On a Catalyst 6500 series switch, this task is  accomplished with ip dhcp relay information trusted VLAN  configuration command.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/dhcp.html#wp1073418

Hope to help

Giuseppe

Actions

This Discussion