Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
331
Views
0
Helpful
3
Replies

DHCP snooping binding

cisco_lad2004
Level 5
Level 5

‎09-18-2009 09:54 AM - edited ‎03-06-2019 07:47 AM

Dear all,

I run DHCP snooping & DAI.

typically all leases from external server are noted and added to binding table. however recently I have noticed that after lease was increased, some entries just assigned were no longer present within the lease period.

for example if my lease is 48hrs, entries were not present after 8hrs...no NAK or release messages were logged. as a result DAI did what is suppose to do.

Platform is 4510 , 12.2(31) SGA8 release notes were parsed for BUGs, none found.

any thoughts ?

TIA

Sam

Labels:
0 Helpful
3 Replies 3

Peter Paluch
Cisco Employee
Cisco Employee

‎09-18-2009 11:19 AM

Hi Sam,

An interesting issue. Personally, I would start by looking carefully at the show ip dhcp binding output and having a look whether the recorded leases have the proper lease time indicated. If not then it would be worth trying to sniff the DHCPACK messages to see what timeouts they contain and in what relationship they are in comparison with the DHCP snooping database.

An entry in the DHCP snooping database will be removed if the associated port goes down. Also, while I am not completely sure about it I suspect that other connectivity changes could also account for flushing an entry - 802.1X authentication failure, STP role/state change on a port or similar. That would be my second guess - to check whether there are events similar to these that could potentially cause the DHCP snooping entries to be flushed. Note that Windows in particular tend to ignore short connectivity issues and they often do not renew their DHCP lease after an intermittent connectivity problem.

If debugging is possible for you, I would also have a look for the output of the debug ip dhcp snooping event command (and the related debugs) to see if any reason for flushing an entry from the snooping database is indicated.

Best regards,

Peter

0 Helpful

cisco_lad2004
Level 5
Level 5
In response to Peter Paluch

‎09-18-2009 11:55 AM

Thanks Peter !

I quickly tested if snooping database is cleared if a port goes down, and I am afraid it does not. logged lease just keeps decreasing as normal (bearing in mind I am using PVLANs).

I will definitely debug and use a sniffer.

Sam

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to cisco_lad2004

‎09-18-2009 12:01 PM

Hello Sam,

Hmm... I'm home right now but I will be in a lab tomorrow so I will also give it a try.

Best regards,

Peter

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card