DHCP Snooping Problem

Answered Question
May 24th, 2010
User Badges:

Hi All:


I have some problems once i enable dhcp snooping on my switches.


The dhcp server is other site, connect via layer 3 link to my core switch (vss cat65)


All edge switches(cat45) are using trunk link connect to my core switch. all vlan terminates on core switch, ip helper point to dhcp server.


i only enable the dhcp snooping feature on my edge switches (cat45), trunk link put in trust mode, user port put limit rate 15.  Then no user can get ip address. if i disable dhcp snooping, everything back to normal.


the command i have used.

-----------------------------------------------------------

ip dhcp snooping

ip dhcp snooping vlan [user vlan id]


interface gi 1/1 [uplink]

switch mode trunk

ip dhcp snooping trust


interface 2/1 [user port]

swi mode access

swi access vlan [user vlan id]

ip dhcp snooping limit rate 15

-------------------------------------------------------------


i thought the dhcp snooping feature is localized. no need to enable end-to-end.


thanks for your help in advance.

Correct Answer by Giuseppe Larosa about 6 years 11 months ago

Hello Jason,

you may need to add a command in order to make DHCP relay function to work correctly


see


>> If you are enabling trunking on uplink gigabit  interfaces, and the above routing configuration is defined on a  Catalyst 6500 series switch, you must configure the "trust" relationship  with downstream DHCP Snooping (on a Catalyst 4500 series switch) which  adds Option 82. On a Catalyst 6500 series switch, this task is  accomplished with ip dhcp relay information trusted VLAN  configuration command.


http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/dhcp.html#wp1073418


Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Giuseppe Larosa Tue, 05/25/2010 - 02:05
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Jason,

you may need to add a command in order to make DHCP relay function to work correctly


see


>> If you are enabling trunking on uplink gigabit  interfaces, and the above routing configuration is defined on a  Catalyst 6500 series switch, you must configure the "trust" relationship  with downstream DHCP Snooping (on a Catalyst 4500 series switch) which  adds Option 82. On a Catalyst 6500 series switch, this task is  accomplished with ip dhcp relay information trusted VLAN  configuration command.


http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/dhcp.html#wp1073418


Hope to help

Giuseppe

Actions

This Discussion