Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

dhcp snooping feature and vlan

<p>Hi every body!</p>

<p> </p>

<p>!) If switch is configured with :</p>

<p> </p>

<p>ip dhcp snooping vlan 1</p>

<p>Will switch snoop on dhcp packets from  vlan 1 to dhcp server and vice  versa?</p>

<p> </p>

<p> </p>

<p> </p>

<p>2) if two switches  sw1 and sw2  have  vlan vlan 1 .  Both switches are configured with dhcp snoop feature.</p>

<p> </p>

<p>Will sw1 only builds it snooping database based on the  dhcp rellpies from dhcp server destined to host to vlans which connect to sw1 ot it will also builds its snooping database based on the replies sw2 forwarded to its host in vlan 1?</p>

<p> </p>

<p> </p>

<p> </p>

<p>My hunch is since dhcp server unicast the reply to appropitate relay agent. For example  dhcp receives the dhcp req from host in vlan 1 on sw1.Dhcp server will unicast the reply to sw1 so sw2 will not hear that reply  and can not build its snooping database based on the reply sw1 received.</p>

<p> </p>

<p>3) since dhcp snooping database relies on dhcp option 82   where relay agent adds info about the port(circuit id) which received the dhcp packet, that means dhcp snooping feture can only be implemented on a switch which is acting as relay agent for dhcp server. That also means the dhcp snooping feature can only be implemted on layer 3 or multilayer switch not layer 2 switch .Because layer 2 switch can not act as relay  agent for dhcp server.</p>

<p> </p>

<p> </p>

<p> </p>

<p>Is my understanding correct?</p>

<p> </p>

<p> </p>

<p> </p>

<p> Is it correct concept?</p>

<p>Thanks a lot!</p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

<p> </p>

1 REPLY
Bronze

Re: dhcp snooping feature and vlan

Hi  every body!

I found some answers after the whole day of researching. I am posting them here for others who may have similar questions in mind.

) If switch is configured with :

ip dhcp snooping vlan 1

Will switch snoop on dhcp packets from  vlan 1 to dhcp server and vice  versa?

  Answ:

The Sw which is also relay agent, will snoop only on replies received from dhcp server  before unicasting them to thier respective host.

2) if two switches  sw1 and sw2  have  vlan1  .  Both switches are configured with dhcp snoop feature.

Will sw1 only builds its snooping database based on the  dhcp replies from dhcp server destined to host to vlans which are connected to sw1 or it will also builds its snooping database based on the replies sw2 forwarded to its host in vlan 1?

answ:

Since sw builds its snooping database  from dhcp ack replies on the local switch. So whatever dhcp ack sw2 receives will have no bearing on sw1's snooping database.

3) since dhcp snooping database relies on  relay option 82   where relay agent adds info about the port(circuit id) which received the dhcp message, that means dhcp snooping feature  can only be implemented on a switch which is acting as relay agent for dhcp server. That also means the dhcp snooping feature can only be implemented  on layer 3 or multilayer switch not layer 2 switch .Because layer 2 switch can not act as relay  agent for dhcp server.

answer:

 yes dhcp snooping can only be configured on dhcp relay agent.  . Since we need layer 3 interface to receive dhcp broadcast , so relay agent must be a router or layer 3/ multilayer switch. Layer 2 cannot acts as relay agent.


Thanks a lot!

247
Views
0
Helpful
1
Replies
CreatePlease to create content