- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: DHCP snooping option 82 clarification
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2009 07:07 AM
10-15-2009 07:07 AM
I'm trying to clarify a few things regarding dhcp snooping on a 2650 but I'm struggling to make sense of the manual pages (for one thing I can't find the dhcp snooping in the 2650 manuals so I'm referencing the 5400 manuals!)
If I have a 2650 with dhcp snooping enabled on for example, VLAN 2 and Option 82 insertion is enabled (which is the default) but the switch does not have an IP address on that VLAN does the switch modify the client DHCP packets in any way?
(the default gateway and ip-helper settings for VLAN 2 live on another switch further up the network)
Thanks in advance,
Mo
Solved! Go to Solution.
- Tags:
- DHCP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2009 11:17 PM
10-15-2009 11:17 PM
Re: DHCP snooping option 82 clarification
I see only option-82 support mentioned is when configuring dhcp-relay.
As the relay is not on this switch configuring this option is "no option".
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2009 11:19 PM
10-15-2009 11:19 PM
Re: DHCP snooping option 82 clarification
so if the switch has no ip-address in the vlan it will not do anything with the packet.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2009 01:14 AM
10-16-2009 01:14 AM
Re: DHCP snooping option 82 clarification
> I see only option-82 support mentioned is
> when configuring dhcp-relay.
> As the relay is not on this switch
> configuring this option is "no option".
It still seems to enable it on the switch however. The below is from a 2650 that I've just run the "dhcp-snooping" and then "sh dhcp-snooping" commands on.
# sh dhcp-snooping
DHCP Snooping Information
DHCP Snooping : Yes
Enabled Vlans :
Verify MAC : Yes
Option 82 untrusted policy : drop
Option 82 Insertion : Yes
Option 82 remote-id : mac
.
.
> so if the switch has no ip-address in the
> vlan it will not do anything with the
> packet.
That's what I was hoping the answer was.
The part that put me off slightly was where the manual said:
"If DHCP snooping is enabled on a switch where an edge switch is also using
DHCP snooping, it is desirable to have the packets forwarded so the DHCP
bindings are learned. To configure the policy for DHCP packets from untrusted
ports that already have Option 82 present, enter this command..."
Are they implying here that the edge switch is also routing?
Thanks,
Mo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2009 01:40 AM
10-16-2009 01:40 AM
Solutionhttp://www.hp.com/rnd/support/manuals/2650_6108.htm
Thos doc is from 2005.
the release notes say :
Release H.08.105 includes the following enhancement.
â Added DHCP Protection enhancement for switch 2600.
DHCP Snooping
so dhcp-snooping support is added later.
Yes, the text you quote describes the situation where yes the edge switch is routing and acting as ip-helper.
But multiple ip-helpers are used in the path to reach the dhcpserver.
This first (primary) ip-helper then is not configured directly with the address of the dhcp-server, but forwards requests to another router (also configured with ip-helper) to forward dhcp-requests.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2009 01:48 AM
10-16-2009 01:48 AM
Re: DHCP snooping option 82 clarification
http://cdn.procurve.com/training/Manuals/2600-RelNotes-H1083-59906003.pdf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2009 05:53 AM
10-16-2009 05:53 AM
Re: DHCP snooping option 82 clarification
I've done some initial testing with a 2610 and it all seems to be working as expected but I've turned off the option 82 insertion option anyway as it shouldn't be needed on my edge switches.