Comments on: DHCP Snooping ARP Inspection IP Source Guard https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/ technology, networking, virtualization and IP telephony Sat, 30 Oct 2021 18:15:39 +0000

By: DHCP Snooping, Dynamic ARP Inspection and IP Source Guard | Mike Pemberton's Blog https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-81564 Thu, 29 Jun 2017 07:19:24 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-81564 […] https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/ […]

By: Rafi https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-81029 Thu, 25 May 2017 11:45:57 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-81029 In reply to Rafi.

Hi,
I checked it again, this time including the DHCP server, and after I checked it I realized that IT gave me the wrong port.

Fixed it, all works well.

Thanks
Rafi

By: Rafi https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-80975 Mon, 22 May 2017 08:21:05 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-80975 In reply to Michael McNamara.

Hi Michael,
Yes it’s really old :(

I don’t own the DHCP so I don’t know if the server sees the message “discover”. (I can ask the IT guy to give me access.)
It’s L2; the client is broadcasting to the DHCP server.

Regards
Rafi

By: Michael McNamara https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-80939 Sat, 20 May 2017 13:02:12 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-80939 In reply to Rafi.

Hi Rafi,

That’s a really old piece of hardware with some really old software you have there.

Is the DHCP server seeing the DHCP discover requests? Is this all Layer 2 or do you have DHCP relay enabled?

Good Luck!

By: Rafi https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-80936 Sat, 20 May 2017 10:22:01 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-80936 Hi Michael,

I tried to add DHCP snooping on a Nortel 8300 version 4.2.2.
After I enabled it, clients couldn’t get an IP.

This is how I enabled the DHCP snooping:
– Enable in global
– Enable on specific
– Change the switch port of the DHCP server to trust (true)

Any idea?

By: Network is down! Please help! https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-21699 Mon, 06 Jan 2014 15:20:03 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-21699 […] You’re already doing each of the previously listed items? Well you could look at the following additional steps. You can find additional detail in a blog post titled, DHCP Snooping ARP Inspection IP Source Guard. […]

By: Fabien B. https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-19239 Wed, 27 Nov 2013 07:57:58 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-19239 In reply to Michael McNamara.

Hi Michael,

Thanks for the quick answer.

Software version is 5.6.0008, and since it’s a test configuration, I can’t really make an update, since it’s supposed to be the same configuration as production switches…

I’ll try a more recent software to see if it’s a bug, and I’ll let you know.

By: Michael McNamara https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-19218 Wed, 27 Nov 2013 00:45:27 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-19218 In reply to Fabien B..

Hi Fabien,

What version of software?

I haven’t tested it myself in a L3 configuration, wondering if you’ve stumbled across a bug.

Cheers!

By: Fabien B. https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-19192 Tue, 26 Nov 2013 13:27:43 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-19192 Hello,

I’m currently trying to implement DHCP snoop and ARP inspection on a 4500 with L3 (RIP, dhcp-relay), and my IP phones can get an IP address, but are not entered in the DHCP Snooping binding table, and then don’t work…

We already implemented those protocols on 4500 with only L2 protocols, and there’s no problem…

Do you have an idea?

Fabien.

By: Ricardo Meireles https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-18939 Wed, 06 Nov 2013 10:20:52 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-18939 Hello Michael,

When I set up DHCP-Snooping/DAI, 802.1x stopped working without warning exactly on the switch used for testing purposes. It turns out to be a coincidence. I’ve just upgraded the switch and now both features are working well.

By: Michael McNamara https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-18819 Wed, 09 Oct 2013 01:35:30 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-18819 In reply to Ricardo Meireles.

Hi Ricardo,

I haven’t used the combination myself personally… I would think 802.1x occurs well before any DHCP requests.

What exactly are you seeing?

Cheers!

By: Ricardo Meireles https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-18811 Mon, 07 Oct 2013 21:57:33 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-18811 Is DHCP-Snooping/DAI compatible with 802.1x?

I’m setting up these features together with some issues.

By: karky https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-13859 Fri, 08 Feb 2013 18:45:56 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-13859 About Dynamic ARP Inspection, you can use DHCP Snooping External Save. Every 5 minutes the table is saved on a TFTP server. If the stack reboots, the table is loaded.

By: IJdod https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12954 Fri, 25 Jan 2013 15:03:05 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12954 Cheers. Something I’ll have to test in the lab, then. I would suspect it works, otherwise there wouldn’t be much point to it… Would have been nice if Avaya documented that bit just a little bit better :D.

By: Michael McNamara https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12950 Fri, 25 Jan 2013 14:39:16 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12950 In reply to IJdod.

Hi IJdo,

I believe DHCP Option 82 will work regardless if the switch is configured as a Layer 3 router or just a Layer 2 access/edge switch.

Cheers!

By: IJdod https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12925 Fri, 25 Jan 2013 11:39:32 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12925 Interesting post, thank you.

Does the vlan interface actually have to do the routing for the vlan to be able to use option 82? In other words: does it work with a router upstream (which does the actual DHCP relay for that vlan as well) from the access switch?

By: Michael McNamara https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12646 Wed, 23 Jan 2013 17:21:11 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12646 In reply to Will.

Hi Will,

As you alluded to, these features require some thought and evaluation before deploying. I will raise this point as well: if you want to move a port to a different VLAN you need to disable IP Source Guard before you can change the VLAN assignment.

Thanks for the comment!

By: Will https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12453 Tue, 22 Jan 2013 19:11:07 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12453 Michael,

This post was excellent. Thanks a lot.

I remember when a peer turned on ARP inspection (to try and fix a broadcast storm) and took down the entire network. I.e., do not enable any of the above unless you understand the impact.

By: Michael McNamara https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12141 Mon, 21 Jan 2013 03:11:35 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12141 In reply to Frank.

Thanks for the comment Frank!

I don’t think we’ll be deploying IPv6 on the internal production network anytime soon. We have plans to offer IPv6 on our Internet accessible networks and on our DMZ networks but no real need for IPv6 on the actual internal network. I can’t imagine the stares I’ll get from all the healthcare vendors regarding IPv6, they probably don’t even have IPv6 on their product or support roadmaps.

These features make a great argument for doing manual (reserved) DHCP IP address assignments for almost everything (if possible). The more devices using DHCP the less administrative overhead you’ll need to contend with in managing the DHCP snooping tables. I believe the DHCP snooping table has a limit of 1024 records as of 6.2 software for the Ethernet Routing Switch 5000 series so you can’t really implement a single network wide table.

Cheers!

It might be w

Cheers!

By: Frank https://blog.michaelfmcnamara.com/2013/01/dhcp-snooping-arp-inspection-ip-source-guard/comment-page-1/#comment-12089 Sun, 20 Jan 2013 20:59:04 +0000 http://blog.michaelfmcnamara.com/?p=3436#comment-12089 We are in the process of rolling out these features across all of our edge ports, as hardware refreshes allow it. It’s already cut down on impact from various broken/misconfigured, especially in residential buildings.

One more note to add – don’t forget to pester your vendors, whoever they may be, to get full feature parity in the IPv6 space. We need RA guard and NDP inspection, or we’re going to have the same old problem re-appearing as soon as we roll out v6!
