cancel
Showing results for 
Search instead for 
Did you mean: 

ARP Validation Question

ARP Validation Question

B_
New Contributor II
I am attempting to configure dhcp-snooping with arp validation on a lab X450e-24p. DHCP snooping seems to work fine, I configure a trusted port (24) where the DHCP server is reached off of.

When I configure arp validation, I begin to get errors related to the default gateway of the network.

An ARP violation was detected on vlan port 24 violating IP violating MAC violation type Invalid IP-MAC Binding

I'm presuming this is because the gateway does not DHCP so a binding is never learned. Is the solution to this to create a static entry with this command:

"configure ip-security dhcp-bindings add"
Am I thinking of this correctly, is there any other technique?


5 REPLIES 5

Leviodjos
New Contributor
From the documentation: If configured for DHCP snooping, the switch snoops DHCP packets on the indicated ports and builds a DHCP bindings database of IP address and MAC address bindings from the received packets.

I think is may be that a trusted dhcp server is not set in the configuration. The switch or router ne to trust a server or a port that responds to the dhcp requests.

Example: configure trusted-servers vlan120 add server ip_address trust-for dhcp-server

Could please show us the ip-security dhcp-snooping configuration so that we can have more info to t-shoot the issue?

Thank you!

GTM-P2G8KFN