08-30-2013 04:13 AM - edited 03-07-2019 03:13 PM
Hello to everyone,
I have some issue with DHCP snooping on Catalyst 2960.
I added some vlans:
ip dhcp snooping vlan 2,400,401,402,403
But it dosen't work.
All details:
Version
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)SEE2, RELEASE SOFTWARE (fc1)
Configuration before:
SW13#sh ip dhcp snooping
Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
none
Insertion of option 82 is enabled
circuit-id format: vlan-mod-port
remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
SW13#sh ip dhcp binding
IP address Client-ID/ Lease expiration Type
Hardware address
#List of VLANs
SW13#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/17, Gi0/2
2 GUEST active
8 W-Int active
24 CONSOLES active
64 Inside active
100 WAN active
128 Mgm active
224 DMZ active
230 VoIP active Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12, Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23, Fa0/24
.
.
.
400 FLOOR-0 active Fa0/6, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/13, Fa0/15, Fa0/16, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24
401 FLOOR-1 active
402 FLOOR-2 active
403 FLOOR-3 active Fa0/14
.
.
.
Then I've made DHCP snooping config:
Enter configuration commands, one per line. End with CNTL/Z.
SW13(config)#ip dhcp snooping
SW13(config)#ip dhcp snooping vlan 2,400,401,402,403
SW13(config)#no ip dhcp snooping information option
SW13(config)#int gi 0/1
SW13(config-if)#ip dhcp snooping trust
# Gi0/1 is trunk
After config I've gotten this
SW13#sh ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
2
Insertion of option 82 is disabled
circuit-id format: vlan-mod-port
remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
GigabitEthernet0/1 yes unlimited
But also this:
SW13#sh run
!
ip dhcp snooping vlan 2,400-403
no ip dhcp snooping information option
ip dhcp snooping
ip domain-name mydomain.local
ip name-server 192.168.10.10
!
!
It works only for one VLAN, VLAN 2
SW13#sh ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
04:46:61:90:55:3D 192.168.102.27 3536 dhcp-snooping 2 FastEthernet0/1
Any help?
How to make it works for other vlans?
Is it problem related to IOS version, or something other?
Thank you.
Solved! Go to Solution.
08-30-2013 06:09 AM
08-30-2013 04:57 AM
Hi,
have you yet verified that VLANs 400-403 exist and are in active state (show vlan brief)?
Regards
Rolf
08-30-2013 06:05 AM
Yes, they are all in active state, that switch is a VTP client, I have another switches, some of them with another IOS version work fine, but switches with this version of IOS have this problem.
I've tried to reload, but without success.
Sincerely,
J
08-30-2013 06:09 AM
08-30-2013 08:49 AM
Jovan,
Try to reconfigure dhcp snooping after changing the VTP mode to transparent. I believe currenlty the VTP mode is client,
Regards
Partha
09-03-2013 05:06 AM
Partha,
Thank you for your help.
Yes VTP mode is client, I didn't change mode to transparent because I need that switch in VTP client mode. I put new IOS version.
Just an IOS upgrade.
Now it's working.
Thanks, again.
Regards,
Jovan.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide