Hi!
I am trying implement CEP ports on our extreme switches, I'm currently trying to get a test up and running on an X440-G2 12t running XOS version 21.1.5.2-patch1-5.
Currently I have one VMAN from our PE routers and to the client ports on the x440-G2 where it is added untagged with CEP and a unique CVID per port.
This is configured according to the command reference and works nicely(see below), I've mirrored the downlink port from the upstream switch to my test switch and with wireshark I can see that I get both the inner and outer tag on the traffic going from the client connected on the switch.
Where I am having issues is when I attempt to configure DHCP-Snooping together with this as I need to add option82 info to the DHCP packets coming from the client.
I have not found a way to configure DHCP-Snooping on the inner CVID and if I add this to the outer tag I can see traffic with option82 information on the DHCP requests from the test client but I see it only on the outer tag and it appears like the inner tag disappears.
How I have configured the port:
configure vman placeholdername add ports 1 untagged port-cvid 100
How I've configured DHCP-Snooping:
enable ip-security dhcp-snooping vlan placeholdername port 1 violation-action drop-packet block-mac duration 200
enable ip-security dhcp-snooping vlan placeholdername port 12 violation-action noneSo what I was hoping was that there were somebody here that knew how I could be able to configure this so that I can tack on DHCP options on the packets coming from the client while keeping the traffic inside the inner tag?
