DHCP Snooping in a switch that is the DHCP server as well
I'm working on the configuration of IP DHCP snooping and DAI on some of the customer´s branch offices, I've found a lot of information in guides and blogs and so but my deployment is quite different of the traditional approaches that those guides show.
I have a Metro-E connecting some 3850 Switches in Stack that work as the core switches for each branch office. Those switches are the DHCP servers as well for each location. I totally understand DHCP snooping and how to configure it in all my Access switches (typically 2960 and 3560), my question is regarding the utilization of the following two commands into my Core Switch and if I should configure this one with DHCP Snooping ( I think I should).
1. ip dhcp snooping information option allow-untrusted
As I understand this command is used into the switches in order to permit the packets with option-82 enabled in any untrusted port. So I need it because at the core I will received a bunch of packets with this option because of the Access Switches.
2. ip dhcp relay information trust-all
I've read that this command is usually used in IOS routers (where the DHCP service is configured) in order to allow any packet with the very same option 82.
In my case, as there is no router and the Core Switch is the DHCP server should I use both commands or with the 1. would be enough?? please justify your answer in order to totally understand these features.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...