Have question about DHCP snooping, wanted to enable this feature to our LAN. here is below our LAN infrastructure:
2x 6500 as core switches L2/L3
2x6500 as access switches for server farms L2
50x3750 as access switches for users
All access switches are connected to the both 6500 core switches with redundant links
As I understood I have to enable first ip dhcp snooping to all those switches even on the core switches. And all access switches 6500 and 3750
After that I have to enable ip dhcp snooping trust to every uplinks
And finally have to enable ip dhcp snooping on the specific vlans that I want this feature.
So my question is:
Why have I to enable ip dhcp snooping to the four 6500 switches, if I enable ip dhcp snooping to only 3750 access switches for users and trust all uplink to the core switches, why this features doesn’t works ?
I probably missed some thing but I cannot find the answer on the Cisco site.
>> Why have I to enable ip dhcp snooping to the four 6500 switches, if I enable ip dhcp snooping to only 3750 access switches for users and trust all uplink to the core switches, why this features doesn’t works ?
if DHCP is enabled only on the Vlans used on the access layer C3750 you can and you should enable DHCP snooping only at the access layer.
Likely vlans used in server farms don't use DHCP services (I would expect IP addresses to be statically configured on servers)
the risk is to waste cpu resources on devices that likely will never process DHCP requests of PCs directly connected to their ports.
There are some older threads about a similar scenario.
Thanks for your answer, but I don’t really understand your explanation, I have all access switches 3750 L2 so there is no VLAN on those Switches, all vlan SVI are on the core switches 6500 and the two other 6500 are also only L2 for server farm. So my question is in this case why I have to enable snooping to all 6500? if I enable ip dhcp snooping to all my access switches 3750 and trust uplinks to both core, this should work according to cisco docs?
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.