Cisco DHCP Snooping Relay Setup Information

Switch#show ip dhcp snooping
 

Switch DHCP snooping is disabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
   circuit-id format: vlan-mod-port
    remote-id format: MAC
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface                    Trusted     Rate limit (pps)
------------------------     -------     ----------------
FastEthernet0/1              yes         unlimited
GigabitEthernet0/1           yes         unlimited

 

To enable global "Switch DHCP Snooping":

Switch(config)#ip dhcp snooping

To enable DHCP snoop debugging

Note this only works IF the global dhcp snooping is enabled

debug ip dhcp snooping packet

To disable the DHCP debugging:

no debug ip dhcp snooping packet

Enable Port As Trusted:

You cannot broadcast DHCP unless the port is trusted so here's how you enable trust on a port (it does not work on a vlan I suppose for security reasons):

Switch(config-if)#int fa0/1
Switch(config-if)#ip dhcp snooping trust

Enable Snooping on VLAN:

Switch(config)#
Switch(config)#ip dhcp snooping vlan 1

Allow Untrusted Port:

int fa0/3

ip dhcp snooping information option allow-untrusted

Disable Option 82

If the relay or destination DHCP server doesn't support Option 82 Information it will break your DHCP and you will NOT get an IP/lease.

So disable Option 82 unless you are sure your network supports it:

Switch(config)#no ip dhcp snooping information option

Resources:

https://community.cisco.com/t5/switching/dhcp-snooping-not-working-dropping-packets/td-p/2076543

https://www.askitmen.com/network/ccna/configure-dhcp-snooping/


Tags:

cisco, dhcp, snooping, relay, informationswitch, ip, disabled, configured, vlans, insertion, enabled, circuit, format, vlan, mod, untrusted, verification, hwaddr, interface, pps, fastethernet, unlimited, gigabitethernet, enable, global, quot, config, snoop, debugging, debug, packet,

Latest Articles

  • How to allow SSH root user access in Linux/Debian/Mint/RHEL/Ubuntu/CentOS
  • Ansible Tutorial - Playbook How To Install From Scratch and Deploy LAMP + Wordpress on Remote Server
  • Ceph Install Errors on Proxmox / How To Fix Solution
  • Proxmox Update Error https://enterprise.proxmox.com/debian/pve bullseye InRelease 401 Unauthorized [IP: 144.217.225.162 443]
  • QEMU/KVM How to Hot-add A Virtual Disk .raw/.qcow2 via QEMU Monitor Commands
  • Proxmox How To Enable Ceph Distributed Storage Cluster with OSD and Pools
  • pulseaudio issue on QEMU/KVM guest VM when microphone is replugged/unplugged pulseaudio: pa_threaded_mainloop_lock failed pulseaudio: Reason: Invalid argument
  • Ubuntu Linux Mint - Volume Control Stopped Working
  • Proxmox Services Won't Start Failed to start The Proxmox VE cluster filesystem. Proxmox VE firewall. PVE Status Daemon. Proxmox VE scheduler. PVE Cluster HA Resource Manager Daemon. PVE Local HA Resource Manager Daemon.
  • Proxmox Guide FAQ / Errors / Howto
  • Virtualbox Vbox Issue Cannot Enable Nested Virtualization Button is Grayed/Greyed Out and Unclickable HowTo Solution
  • Virtualbox VBOX Howto Port Forward To Guests
  • Linux Ubuntu Debian Centos Mint - How To Check if Intel VT-x or AMD-V Hardware Virtualization is Enabled?
  • Linux Howto Zip Multiple Files and Directories
  • Windows Cannot Format USB drive Device Media is Write Protected Error Solution
  • Linux Mint 20 cannot install snapd missing solution
  • Virtualbox VBOX How To Install Guest-Utils/GuestUtils so drag and drop and clipboard works Ubuntu Mint Debian Linux
  • How to install Kubernetes with microk8s and deploy apps on Debian/Mint/Ubuntu Linux
  • vi how to delete everything to the end of the line or the rest of the line from the cursor
  • Cisco Howto Configure Console Port/Terminal/Comm Server with Async Cable Setup