Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ip dhcp snooping packets


What exactly is the use for the command "ip dhcp snooping packets"? Do I need this? We had a problem today with users pulling a dhcp address. They were authenticating to the AP with no problems, but no luck pulling an address.

FYI - these are configured on GRE tunnels.

Thanks. Here's an example of the config -

interface tunnel10

ip address 10.x.x.x

ip helper-address x.x.x.x

no ip redirects

ip dhcp snooping packets

tunnel source loopback

tunnel mode gre multipoint

mobility network-id xx

mobility broadcast

mobility tcp adjust-mss


Re: ip dhcp snooping packets

Wireless clients, or mobile nodes, gain access to an untrusted wireless network only if there is a corresponding entry in the DHCP snooping database. Enable DHCP snooping globally by entering the ip dhcp snooping command, and enable DHCP snooping on the tunnel interface by entering the ip dhcp snooping packets command. After you enable DHCP snooping, the process snoops DHCP packets to and from the mobile nodes and populates the DHCP snooping database.

You would probably need to sniff the network to see why DHCP was failing. If you are using Cisco Network Registrar you could also turn up the debugs to get an idea of why it was failing if the packets are getting to CNR.

New Member

Re: ip dhcp snooping packets

Thanks! It looks like since our DHCP servers do not support option 82, the "no ip dhcp snooping information option" command needed to be implemented globally. Things are working now.

The TAC case can be read about here -

CreatePlease login to create content