Header Only - DO NOT REMOVE - Extreme Networks

dhcp snooping bindings database


Userlevel 4
Create Date: Jun 25 2013 11:00AM

Hi Experts,

i have this challenge:

dhcp snooping implemented on 2 vlans, default + voice
dhcp trusted server added for the 2 vlan (same server)
dhcp trusted ports uplink defined.

commands

enable ip-security dhcp-snooping vlan default port 13 violation-action ......
enable ip-security dhcp-snooping vlan voice port 13 violation-action ......

x250e code 12.0.1.11

avaya 1603 phone, first dhcp request on vlan default, with lease duration 1 minute, than 2nd dhcp request on vlan voice

Strange, typing sh ip-security dhcp-snooping entries vlan default or sh ip-security dhcp-snooping entries vlan voice

i dont have any entries, and this i think will be a problem if i'll implement other ip security feature on top of that, that replies on dhcp snooping database.

Any hint?

Andrea
(from Andrea_Gentile)

3 replies

Userlevel 4
Create Date: Jun 25 2013 9:06PM

Hi,

you must also enable dhcp snooping on dhcp server port, for example
if your server is available on port 48:
enable ip-security dhcp-snooping vlan default port 48 violation-action none

--
Jarek (from Jaroslaw_Kasjaniuk)
Userlevel 4
Create Date: Jun 26 2013 8:19AM

Hi,

dhcp server is located in another switch of the eaps rings, so may i add the 2 uplink ports to the dhcp snooping configuration?
even if they are already defined as trust ports ?
(from Andrea_Gentile)
Userlevel 4
Create Date: Jun 26 2013 11:17PM

Hi, following EXOS Concepts Guide for Release 15.3:

"You must enable DHCP snooping on both the DHCP server port as well as on the client
port. The latter ensures that DHCP client packets (DHCP Request, DHCP Release etc.) are
processed appropriately."

--
Jarek (from Jaroslaw_Kasjaniuk)

Reply