This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
- Community
- RUCKUS Technologies
- RUCKUS Lennar Support
- Community Services
- RTF
- RTF Community
- Australia and New Zealand – English
- Brazil – Português
- China – 简体中文
- France – Français
- Germany – Deutsch
- Hong Kong – 繁體中文
- India – English
- Indonesia – bahasa Indonesia
- Italy – Italiano
- Japan – 日本語
- Korea – 한국어
- Latin America – Español (Latinoamérica)
- Middle East & Africa – English
- Netherlands – Nederlands
- Nordics – English
- North America – English
- Poland – polski
- Russia – Русский
- Singapore, Malaysia, and Philippines – English
- Spain – Español
- Taiwan – 繁體中文
- Thailand – ไทย
- Turkey – Türkçe
- United Kingdom – English
- EOL Products
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- RUCKUS Forums
- RUCKUS Technologies
- ICX Switches
- Re: Problem with DHCP Snooping and Option 82 (Reso...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Problem with DHCP Snooping and Option 82 (Resolve)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-07-2019 04:59 AM
Hi team!
I test DHCP Snooping on switches ICX7250 and ICX7150 (hw ver. 8.0.9). DHCP-Server was Cisco switch.
I configured DHCP Snooping according to manual:
enable acl-per-port-per-vlan
ip dhcp snooping vlan 100
interface lag 1
dhcp snooping trust
Clients on untrusted ports didn't get ip addresses from DHCP-Server.
All because DHCP option 82 is enabled on ICX by default and switch addes it to requests. But Cisco switch doesn't understand this requests.
Debug log from ICX7250:
DHCP: snooping on for vlan 100, port 1/1/1
DHCP: rcv on port 1/1/1, intercept DHCP pkt, Request
DHCP: snooping on port 1/1/1, smac 10e7.c6e5.4d01, type 3, VRF default-vrf 0.0.0.0->10e7.c6e5.4d01
DHCP Option82: Adding option 82
DHCP Option82: 20 bytes added.
DHCP Option82: Adding option 82
Debug log from Cisco switch (DHCP-server):
DHCPD: Reload workspace interface Vlan100 tableid 0.
DHCPD: tableid for 172.16.0.1 on Vlan100 is 0
DHCPD: client's VPN is .
DHCPD: inconsistent relay information.
DHCPD: relay information option exists, but giaddr is zero.
I disabled DHCP option 82 and it's started work normally:
(config)#ip dhcp snooping relay information disable
or on interface
(config-if-e1000-1/1/1)#no ip dhcp snooping relay information
Maybe anybody knows another way to resolve this problem.
I test DHCP Snooping on switches ICX7250 and ICX7150 (hw ver. 8.0.9). DHCP-Server was Cisco switch.
I configured DHCP Snooping according to manual:
enable acl-per-port-per-vlan
ip dhcp snooping vlan 100
interface lag 1
dhcp snooping trust
Clients on untrusted ports didn't get ip addresses from DHCP-Server.
All because DHCP option 82 is enabled on ICX by default and switch addes it to requests. But Cisco switch doesn't understand this requests.
Debug log from ICX7250:
DHCP: snooping on for vlan 100, port 1/1/1
DHCP: rcv on port 1/1/1, intercept DHCP pkt, Request
DHCP: snooping on port 1/1/1, smac 10e7.c6e5.4d01, type 3, VRF default-vrf 0.0.0.0->10e7.c6e5.4d01
DHCP Option82: Adding option 82
DHCP Option82: 20 bytes added.
DHCP Option82: Adding option 82
Debug log from Cisco switch (DHCP-server):
DHCPD: Reload workspace interface Vlan100 tableid 0.
DHCPD: tableid for 172.16.0.1 on Vlan100 is 0
DHCPD: client's VPN is .
DHCPD: inconsistent relay information.
DHCPD: relay information option exists, but giaddr is zero.
I disabled DHCP option 82 and it's started work normally:
(config)#ip dhcp snooping relay information disable
or on interface
(config-if-e1000-1/1/1)#no ip dhcp snooping relay information
Maybe anybody knows another way to resolve this problem.
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-07-2019 08:50 AM
option 82 is known to cause issues and it is recommended to disable it. Even on my 99% cisco network, the "no ip dhcp snooping information option" is a part of our standard configuration.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2020 11:25 AM
Can you try ICX with ip helper-address configuration under a VE i.e. making it a relay agent and try inter-op with CISCO (DHCP Server)
By Default Cisco IOS devices reject packets with zero “giaddr” and by default Cisco Catalyst switches use “giaddr” of zero when configured for DHCP snooping
By Default Cisco IOS devices reject packets with zero “giaddr” and by default Cisco Catalyst switches use “giaddr” of zero when configured for DHCP snooping
Labels
-
7250
1 -
802.3af PoE
1 -
802.3at PoE
1 -
AAA
1 -
ACL
1 -
auto-provision
1 -
auto-provisioning
1 -
Cluster synchronization
1 -
Crypto Keys
1 -
Deployment
1 -
dhcp-66
1 -
fastiron-10
1 -
fastiron-8
1 -
Firmware Upgrade
2 -
ICX
3 -
ICX 7150-C12p
1 -
ICX switch
2 -
ICX Switch Management
6 -
ICX-7150-C12
1 -
ICX-7550
1 -
ICX-8200
1 -
Installation
1 -
not enough electricity
1 -
overlad
1 -
Override PoE Operating Mode
1 -
PD overload
1 -
Poe
1 -
PoE mode.
1 -
power limitations
1 -
Proposed Solution
1 -
RADIUS
1 -
Routing
1 -
RUCKUS Self-Help
2 -
stack
1 -
stack password
1 -
tftp
1 -
Upgrade
1 -
Upgrade path
1 -
We
1 -
zero-touch
1
- « Previous
- Next »
