DHCP Snooping basics not work with HPE switches (JG920A,

oldboyRRR · ‎03-06-2019

I use dhcp-server and the output is configured to permanent IP based on mac-addresses.
dhcp snooping is configured on HPE. one port is trusted and all others are untrusted. This option 82 is turned off completely.
I write down the traffic coming from HPE back to dhcp server with capture tool (Mikrotik) to a file only from this port and with the condition 'port 68'
and see the following picture:
dhcp request as if you are duplicated. I see two packets in a row.
one with the original mac, the second with the HPE mac.

The switch-uplink in this case gives information messages about the need to take action.
Firmware fully updated to Version Release 1120 (2018). DHCP option 82 is not used. DHCP relay is not used.
Behavior on a larger scale is noticeable on the switch HPE 1920 48 ports, 24 ports , etc.

what's happening?
how to configure dhcp snooping simply?

must HPE duplicate DHCP replies ?

I have some text config but it very simple :

===============display version===============
===================================================
HPE Comware Platform Software
Comware Software, Version 5.20.99, Release 1120
Copyright (c) 2010-2018 Hewlett Packard Enterprise Development LP
HPE 1920-8G Switch uptime is 0 week, 0 day, 2 hours, 43 minutes

HPE 1920-8G Switch
128M bytes DRAM
32M bytes Flash Memory
Config Register points to Flash

Hardware Version is Ver.A
Bootrom Version is 122
[SubSlot 0] 8GE+2SFP Hardware Version is Ver.A

==========================================================
===============display device verbose===============
==========================================================
Slot 1
SubSNo PortNum PCBVer FPGAVer CPLDVer BootRomVer AddrLM Type State
0 10 Ver.A NULL 000 122 IVL SMBS10 Normal
Slot 1 info:
Status : Normal
Type : SMBS10
Software Ver : Release 1120
PCB Ver : Ver.A
FPGA Ver : NULL
BootRom Ver : 122
CPLD Ver : 000
PortNum : 10
Chip : 0
Learning Mode: IVL
=================================================================
===============display current-configuration===============
=================================================================
#
version 5.20.99, Release 1120
#
sysname HP 1920G Switch
#
clock timezone Moscow add 03:00:00
#
domain default enable system
#
ipv6
#
telnet server enable
#
web idle-timeout 30
#
password-recovery enable
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$2XXXXXXXXXXXXXXXXXXXXXXXXXX
authorization-attribute level 3
service-type telnet terminal
service-type web
#
stp mode rstp
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.24.4 255.255.252.0
#
interface GigabitEthernet1/0/1
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/2
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/3
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/4
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/5
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/6
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/7
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/8
loopback-detection enable
port auto-power-down
stp edged-port enable
undo lldp enable
dhcp-snooping trust
#
interface GigabitEthernet1/0/9
loopback-detection enable
stp edged-port enable
#
interface GigabitEthernet1/0/10
loopback-detection enable
stp edged-port enable
#
dhcp-snooping
#
ip route-static 0.0.0.0 0.0.0.0 Vlan-interface1 192.168.24.1
#
info-center loghost 192.168.4.104
undo info-center logfile enable
#
ntp-service source-interface Vlan-interface1
ntp-service unicast-server 192.168.4.4
#
ssh server enable
#
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
return
===============================================================
===============display saved-configuration===============
===============================================================
#
version 5.20.99, Release 1120
#
sysname HP 1920G Switch
#
clock timezone Moscow add 03:00:00
#
domain default enable system
#
ipv6
#
telnet server enable
#
web idle-timeout 30
#
password-recovery enable
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$XXXXXXXXXXx
authorization-attribute level 3
service-type telnet terminal
service-type web
#
stp mode rstp
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.24.4 255.255.252.0
#
interface GigabitEthernet1/0/1
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/2
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/3
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/4
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/5
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/6
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/7
loopback-detection enable
port auto-power-down
stp edged-port enable
#
interface GigabitEthernet1/0/8
loopback-detection enable
port auto-power-down
stp edged-port enable
undo lldp enable
dhcp-snooping trust
#
interface GigabitEthernet1/0/9
loopback-detection enable
stp edged-port enable
#
interface GigabitEthernet1/0/10
loopback-detection enable
stp edged-port enable
#
dhcp-snooping
#
ip route-static 0.0.0.0 0.0.0.0 Vlan-interface1 192.168.24.1
#
info-center loghost 192.168.4.104
undo info-center logfile enable
#
ntp-service source-interface Vlan-interface1
ntp-service unicast-server 192.168.4.4
#
ssh server enable
#
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
return
=====================================================

drk787 · ‎03-20-2019

Hi,

When you say 'The switch-uplink in this case gives information messages about the need to take action.' what is that message you are seeing.

With reference to DHCP configuration, you can find an example in the User guide below (Page 293).

http://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c04463799-4.pdf

Thank You!
I am an HPE Employee

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

DHCP Snooping basics not work with HPE switches (JG920A,

DHCP Snooping basics not work with HPE switches (JG920A,

Re: DHCP Snooping basics not work with HPE switches (JG920A,