Solved: dhcp interface

suthomas1 · ‎09-25-2010

An interface has following

interface FastEthernet2/0/24
switchport access vlan 100
switchport mode access
ip arp inspection trust
no logging event link-status
storm-control action shutdown
spanning-tree portfast
spanning-tree guard root
ip dhcp snooping limit rate 56

vlan 100 is divided into 2 parts- half into dhcp and other half into static ip's.dhcp is till 192.168.100.62 & static range from .63 onwards till .254.

a user using 192.168.100.120 ip plugs in , but is unable to use the network. his arp doesnt appear & is incomplete on the switch.

kindly advise possible way out.

Thank You All.

Jason Masker · ‎09-26-2010

You should only need DHCP snooping trust on the port of your DHCP

server but if you have arp inspection enabled you will need 'ip arp

inspection trust' on every port where a host with a static ip

connects. The reason is that arp inspection will filter any arps for

addresses not handed out by DHCP.

View solution in original post

Reza Sharifi · ‎09-25-2010

What if you delete "ip arp inspection trust" and clear the arp-cash and test again?

suthomas1 · ‎09-25-2010

Thanks, i will have these tried & see the status. am i also missing ip dhcp snooping trust?

Jason Masker · ‎09-26-2010

You should only need DHCP snooping trust on the port of your DHCP

server but if you have arp inspection enabled you will need 'ip arp

inspection trust' on every port where a host with a static ip

connects. The reason is that arp inspection will filter any arps for

addresses not handed out by DHCP.

suthomas1 · ‎09-26-2010

So , should i only go with ip dhcp snooping trust on the interface and take out rest of them ( inspection, snooping limit ).

Thank You.