Cisco DHCP Snooping Relay Setup Information

Switch#show ip dhcp snooping
 

Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
   circuit-id format: vlan-mod-port
    remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface                    Trusted     Rate limit (pps)
------------------------     -------     ----------------
FastEthernet0/1              yes         unlimited
GigabitEthernet0/1           yes         unlimited

 

To enable global "Switch DHCP Snooping":

Switch(config)#ip dhcp snooping

To enable DHCP snoop debugging

Note this only works IF the global dhcp snooping is enabled

debug ip dhcp snooping packet

To disable the DHCP debugging:

no debug ip dhcp snooping packet

Enable Port As Trusted:

You cannot broadcast DHCP unless the port is trusted so here's how you enable trust on a port (it does not work on a vlan I suppose for security reasons):

Switch(config-if)#int fa0/1
Switch(config-if)#ip dhcp snooping trust

Enable Snooping on VLAN:

Switch(config)#
Switch(config)#ip dhcp snooping vlan 1

Allow Untrusted Port:

int fa0/3

ip dhcp snooping information option allow-untrusted

Disable Option 82

If the relay or destination DHCP server doesn't support Option 82 Information it will break your DHCP and you will NOT get an IP/lease.

So disable Option 82 unless you are sure your network supports it:

Switch(config)#no ip dhcp snooping information option

Resources:

https://community.cisco.com/t5/switching/dhcp-snooping-not-working-dropping-packets/td-p/2076543

https://www.askitmen.com/network/ccna/configure-dhcp-snooping/


Tags:

cisco, dhcp, snooping, relay, informationswitch, ip, disabled, configured, vlans, insertion, enabled, circuit, format, vlan, mod, untrusted, verification, hwaddr, interface, pps, fastethernet, unlimited, gigabitethernet, enable, global, quot, config, snoop, debugging, debug, packet,

Latest Articles

  • ssh Too many authentication failures not prompting for password
  • LightDM Mint Ubuntu Debian won't start errors Nvidia Graphics
  • WARNING: Unable to determine the path to install the libglvnd EGL vendor library config files. Check that you have pkg-config and the libglvnd development libraries installed, or specify a path with --glvnd-egl-config-path. Linux Ubuntu Mint Debian E
  • How To Upgrade Linux Mint 18.2 to 18.3 to 19.x and 20.x
  • MP3s Won't Play / ID3 Version 2.4 Issues in Cars and Other MP3 Players/CDs/DVDs Solution
  • LXC Containers LXD How to Install and Configure Tutorial Ubuntu Debian Mint
  • GlusterFS HowTo Tutorial For Distributed Storage in Docker, Kubernetes, LXC, KVM, Proxmox
  • Ubuntu Mint audio output not working pulseaudio "pulseaudio[13710]: [pulseaudio] sink-input.c: Failed to create sink input: too many inputs per sink."
  • How To Shrink Dynamically Allocated VM QEMU KVM VMware Disk Image File
  • How To Enable Linux Swapfile Instead of Partition Ubuntu Mint Debian Centos
  • 404 Not Found [IP: 151.101.194.132 80] apt update Debian 11 Bullseye Solution The repository 'http://security.debian.org bullseye/updates Release' does not have a Release file.
  • WARNING: Can't download daily.cvd from db.local.clamav.net freshclam clamav error solution
  • (firefox:9562): LIBDBUSMENU-GLIB-WARNING **: Unable to get session bus: Failed to execute child process "dbus-launch" (No such file or directory) Solution
  • Debian Mint Ubuntu Which Package Provides missing top, ps and w Solution
  • Vbox Virtualbox DNS NAT Network Mode NOT working
  • Docker Tutorial HowTo Install Docker, Use and Create Docker Container Images Clustering Swarm Mode Monitoring Service Hosting Provider
  • Zoom Password Error 'That passcode was incorrect' - Solution Wrong Passcode Wrong Meeting Name
  • How To Startup and Open Remote/Local Folder/Directory in Ubuntu Linux Mint automatically upon login
  • How To Reset Windows Server Password 2019, 2022, 7, 8, 10, 11 Recovery and Removal Guide Using Linux Ubuntu Mint Debian
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication