DHCP snooping and arp trust

bapatsubodh · ‎11-03-2010

Hi,

We have enabled DHCP snooping on particular VLAN. Does this automatically enables ARP inspection also? As if we are trying to connect one device with Static IP address and it is not able to communicate. ( unfortunately device can not be configured as DHCP client).

output of shown below;

#sh ip arp inspection vlan 100

Source Mac Validation : Disabled
Destination Mac Validation : Disabled
IP Address Validation : Disabled

Destination Mac Validation : Disabled
IP Address Validation : Disabled

Vlan     Configuration    Operation   ACL Match          Static ACL
----     -------------    ---------   ---------          ----------
100     Disabled         Inactive

Vlan     ACL Logging      DHCP Logging      Probe Logging
----     -----------      ------------      -------------
100     Deny             Deny              Off

OR DO we need to particularly configure the interface where we plan to connect the Static IP device so that the ARP request made by this device are not rejected?

Please share the experience.

Thanks

Subodh

lgijssel · ‎11-03-2010

DHCP snooping does not affect arp trust settings.

The cause of your problem is likely somewhere else.

Can you reach the default gateway?

Are you sure the device is placed in the correct vlan?

Chad Peterson · ‎11-03-2010

DHCP snooping does not enable DAI. If you do want to use DAI and have a device with static IP, you will either need to tell DAI to trust that port, or to put in a static binding for it.