I am having trouble getting the dhcp snooping to work on a stacked 3750 when a rogue DHCP server is plugged in to the network. I have configured dhcp snooping on one of our user switches with the following commands.
The configuration works in ther fact that users are still getting their IP address info from the DHCP server and i can see all the dhcp snooping bindings on the switch. But I'm having issues where when a rogue dhcp device is plugged in to one of the user ports i.e fa1/0/43 on the user subnet, and do an ipconfig /release /renew on a machine on the same VLAN, i am still getting a DHCPOFFER from the rogue device and the machine ends up with the wrong IP address.
Currrently the real DHCP server sits off a network behind the firewall, with a layer 3 link (running OSPF) between the user switch to the distribution switch. I have enabled the dhcp snooping on the link from the distribution switch to the real DHCP server (shown below).
DHCP snooping trusted interface
description JKTADC01 - LAC 1
switchport access vlan 21
switchport mode access
no snmp trap link-status
ip dhcp snooping trust
I have also attached a network diagram of the network setup.
I would like to stop the rogue server from being able to give out ip addresses.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...