Options
DHCP snooping table not populating
I've run into a problem where one of my switches DHCP snooping table is not tracking any of the MAC/IP/VLAN/Interface assignments. I have that switch setup as the DHCP server handing out addresses. I have another switch connected through etherchannel that also has DHCP snooping enabled but, that one IS tracking the DHCP snooping assignments. Both switches are 2950's running the same IOS ver:"c2950-i6k212q4-mz.121-22.EA14.bin"
|--Switch1--|
etherchannel
|--Switch2--|
dhcp srv
Whenever I connect clients to switch2, they get an address from switch1 just fine and it's tracked in switch2 DHCP snooping table.
Whener I connect clients to switch1, it hands out an address but, does not record any DHCP snooping info in switch1 table. Nothing is showing when I do a 'sho ip dhcp snoop binding'.
It's gotta be a problem in using switch1 as the DHCP server since switch2 config is identical and it tracks the snooping entries.
SW1
!
ip dhcp pool FILELAN
network 192.168.139.0 255.255.255.0
lease 3
!
ip dhcp snooping vlan 99
no ip dhcp snooping information option
ip dhcp snooping
!
interface Port-channel1
switchport trunk native vlan 2
switchport trunk allowed vlan 99
switchport mode trunk
switchport nonegotiate
ip dhcp snooping trust
***I have the interfaces that po1 bundles set as "ip dhcp snooping trust"***
|--Switch1--|
etherchannel
|--Switch2--|
dhcp srv
Whenever I connect clients to switch2, they get an address from switch1 just fine and it's tracked in switch2 DHCP snooping table.
Whener I connect clients to switch1, it hands out an address but, does not record any DHCP snooping info in switch1 table. Nothing is showing when I do a 'sho ip dhcp snoop binding'.
It's gotta be a problem in using switch1 as the DHCP server since switch2 config is identical and it tracks the snooping entries.
SW1
!
ip dhcp pool FILELAN
network 192.168.139.0 255.255.255.0
lease 3
!
ip dhcp snooping vlan 99
no ip dhcp snooping information option
ip dhcp snooping
!
interface Port-channel1
switchport trunk native vlan 2
switchport trunk allowed vlan 99
switchport mode trunk
switchport nonegotiate
ip dhcp snooping trust
***I have the interfaces that po1 bundles set as "ip dhcp snooping trust"***
Comments
-
Options
amsic
Member Posts: 6 ■□□□□□□□□□
I may not be 100% correct here but setting an interface as trusted only affects DHCP replies. This works for SW2 because clients are requesting DHCP service through the EtherChannel to SW1. SW1 replies across the EC and SW2 is configured to trust replies across this interface. SW1 should not receive replies across the EC. Essentially the port only trusts DHCP ingress replies.
I think by default ports are untrusted and need to be configured as trusted. The show dhcp snooping command lists bindings that have been learned (i.e. port ingress). I don't believe directly connected hosts will be populated in the DHCP binding database.