cancel
Showing results for 
Search instead for 
Did you mean: 

Problem with DHCP Snooping and Option 82 (Resolve)

nikita_kulikov
New Contributor III
Hi team!
I test DHCP Snooping on switches ICX7250 and ICX7150 (hw ver. 8.0.9). DHCP-Server was Cisco switch.

I configured DHCP Snooping according to manual:
    enable acl-per-port-per-vlan
    ip dhcp snooping vlan 100
   interface lag 1
    dhcp snooping trust

Clients on untrusted ports didn't get ip addresses from DHCP-Server.
All because DHCP option 82 is enabled on ICX by default and switch addes it to requests. But Cisco switch doesn't understand this requests.

Debug log from ICX7250:
    DHCP: snooping on for vlan 100, port 1/1/1
    DHCP: rcv on port 1/1/1, intercept DHCP pkt, Request
    DHCP: snooping on port 1/1/1, smac 10e7.c6e5.4d01, type 3, VRF default-vrf 0.0.0.0->10e7.c6e5.4d01
    DHCP Option82: Adding option 82
    DHCP Option82: 20 bytes added.
    DHCP Option82: Adding option 82

Debug log from Cisco switch (DHCP-server):
    DHCPD: Reload workspace interface Vlan100 tableid 0.
    DHCPD: tableid for 172.16.0.1 on Vlan100 is 0
    DHCPD: client's VPN is .
    DHCPD: inconsistent relay information.
    DHCPD: relay information option exists, but giaddr is zero.

I disabled DHCP option 82 and it's started work normally:
    (config)#ip dhcp snooping relay information disable
        or on interface
    (config-if-e1000-1/1/1)#no ip dhcp snooping relay information

Maybe anybody knows another way to resolve this problem.
2 REPLIES 2

robert_placenci
New Contributor II
option 82 is known to cause issues and it is recommended to disable it.  Even on my 99% cisco network, the "no ip dhcp snooping information option" is a part of our standard configuration.

sushant_gaurav
New Contributor
Can you try ICX with ip helper-address configuration under a VE i.e. making it a relay agent and try inter-op with CISCO (DHCP Server)

By Default Cisco IOS devices reject packets with zero “giaddr” and by default Cisco Catalyst switches use “giaddr” of zero when configured for DHCP snooping