This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ARP Validation Question

ARP Validation Question

B_
New Contributor II

‎07-13-2018 04:51 PM

I am attempting to configure dhcp-snooping with arp validation on a lab X450e-24p. DHCP snooping seems to work fine, I configure a trusted port (24) where the DHCP server is reached off of.

When I configure arp validation, I begin to get errors related to the default gateway of the network.

An ARP violation was detected on vlan port 24 violating IP violating MAC violation type Invalid IP-MAC Binding

I'm presuming this is because the gateway does not DHCP so a binding is never learned. Is the solution to this to create a static entry with this command:

"configure ip-security dhcp-bindings add"
Am I thinking of this correctly, is there any other technique?
0 Kudos
5 REPLIES 5

Leviodjos
New Contributor

‎07-16-2018 11:42 AM

From the documentation: If configured for DHCP snooping, the switch snoops DHCP packets on the indicated ports and builds a DHCP bindings database of IP address and MAC address bindings from the received packets.

I think is may be that a trusted dhcp server is not set in the configuration. The switch or router ne to trust a server or a port that responds to the dhcp requests.

Example: configure trusted-servers vlan120 add server ip_address trust-for dhcp-server

Could please show us the ip-security dhcp-snooping configuration so that we can have more info to t-shoot the issue?

Thank you!

0 Kudos
GTM-P2G8KFN