Cisco DHCP Snooping Relay Setup Information

Switch#show ip dhcp snooping
 

Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
   circuit-id format: vlan-mod-port
    remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface                    Trusted     Rate limit (pps)
------------------------     -------     ----------------
FastEthernet0/1              yes         unlimited
GigabitEthernet0/1           yes         unlimited

 

To enable global "Switch DHCP Snooping":

Switch(config)#ip dhcp snooping

To enable DHCP snoop debugging

Note this only works IF the global dhcp snooping is enabled

debug ip dhcp snooping packet

To disable the DHCP debugging:

no debug ip dhcp snooping packet

Enable Port As Trusted:

You cannot broadcast DHCP unless the port is trusted so here's how you enable trust on a port (it does not work on a vlan I suppose for security reasons):

Switch(config-if)#int fa0/1
Switch(config-if)#ip dhcp snooping trust

Enable Snooping on VLAN:

Switch(config)#
Switch(config)#ip dhcp snooping vlan 1

Allow Untrusted Port:

int fa0/3

ip dhcp snooping information option allow-untrusted

Disable Option 82

If the relay or destination DHCP server doesn't support Option 82 Information it will break your DHCP and you will NOT get an IP/lease.

So disable Option 82 unless you are sure your network supports it:

Switch(config)#no ip dhcp snooping information option

Resources:

https://community.cisco.com/t5/switching/dhcp-snooping-not-working-dropping-packets/td-p/2076543

https://www.askitmen.com/network/ccna/configure-dhcp-snooping/


Tags:

cisco, dhcp, snooping, relay, informationswitch, ip, disabled, configured, vlans, insertion, enabled, circuit, format, vlan, mod, untrusted, verification, hwaddr, interface, pps, fastethernet, unlimited, gigabitethernet, enable, global, quot, config, snoop, debugging, debug, packet,

Latest Articles

  • ImageMagick Convert PDF Not Authorized
  • ImageMagick Converted PDF to JPEG some files have a black background solution
  • Linux Mint Mate Customize the Lock screen messages and hide username and real name
  • Ubuntu/Gnome/Mint/Centos How To Take a partial screenshot
  • ssh how to verify your host key / avoid MIM attacks
  • Cisco IP Phone CP-8845 8800/8900 Series How To Reset To Factory Settings Instructions
  • ls how to list ONLY directories
  • How to encrypt your SSH private key file id_rsa
  • Linux Mint 18 Disable User Name List from showing on Login Screen
  • Firefox Cannot Hit Enter Key In Address Bar and Location History Not Working
  • Cisco Unified Communications Manager / CUCM IP 8.6,10,12 Install Error Solution
  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution
  • nmap how to scan for all ports and not just the 1000 most common ports
  • Windows 7,8,10 and Server 2008, 2012, 2016, 2019 Read Only Attribute Won't Go Away
  • bind / named how to make a wildcard record and retain defined A records
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM
  • Local Vs Universally Administered MAC Address NIC Refuses to come up
  • Cisco Unified Communications Manager 12 CUCM 12 - How To Enable Video Calling
  • Windows 7, 8, 10, Windows Server 2008, 2012, 2016, 2019 How To AC97 Audio Drivers and Other Unsigned Drivers
  • Cisco Unified Communications Manager / CUCM IP Telephony Definitions