cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
269
Views
0
Helpful
1
Replies

DHCP Snooping not functioning

rapportit
Level 1
Level 1

887W router IOS 15.2(4)M

DHCP snooping doesn't appear to be working. I have it all set up but the bindings database won't populate and basically all DHCP traffic is allowed. The server is on a switch connected to FE0, and I'm basically just trying to regulate the wireless clients from the built in AP. I tested by removing the trusted state of FE0 and can still get DHCP ACK from any wireless client. It seems like the wireless AP is just bypassing the snooping

Router#show ip dhcp snoop
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
DHCP snooping is operational on following VLANs:
1
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
   circuit-id default format: vlan-mod-port
   remote-id: xxxx.xxxx.xxxx.xxxx (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface                  Trusted    Allow option    Rate limit (pps)
-----------------------    -------    ------------    ----------------
FastEthernet0              yes        yes             unlimited
  Custom circuit-ids:
Router#show ip dhcp snoop data
Agent URL : ftp://xxxxxxxxxxxxxx/dhcpsnoop.txt
Write delay Timer : 300 seconds
Abort Timer : 300 seconds

Agent Running : No
Delay Timer Expiry : Not Running
Abort Timer Expiry : Not Running

Last Succeded Time : 00:04:00 UTC Fri Aug 14 2015
Last Failed Time : None
Last Failed Reason : No failure recorded.

Total Attempts       :        2   Startup Failures :        0
Successful Transfers :        2   Failed Transfers :        0
Successful Reads     :        0   Failed Reads     :        0
Successful Writes    :        2   Failed Writes    :        0
Media Failures       :        0

Router#show ip dhcp snoop bind
MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
------------------  ---------------  ----------  -------------  ----  --------------------
Total number of bindings: 0

1 Reply 1

rapportit
Level 1
Level 1

This turned out to be a licensing issue... had the npe version installed. It all started working when I put the standard license and IOS image on.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco