officertango
asked on
hp switch with dhcp-snooping
I have several hp switches on my network, core is 5406 and edges are 2500 and 2600. At the core I have one dhcp server on port a1 for vlan 5, I have fiber links to edge switches. I need to trust my dhcp server to be abke to only dhcp server to hand out ipaddress. Do I need to implent dhcp snooping on both the edge abd core switch? What would command look like? Thank
In short, you have to enable it everywhere.
...or just use the link I provided ;-)
ASKER
I am clear with all the commands except the trusted port part. Here is my scenario:
HP Core----DHCP server on Port A1
HP Core (port B1) connects to Hp Edge (port1)--- it is tagged between the switch, also on the edge there is a untagged port 2
command:
On the HP core:
dhcp-snooping trust A1, B1???
On the Hp Edge:
dhcp-snooping trust 1 or 2???
thanks
HP Core----DHCP server on Port A1
HP Core (port B1) connects to Hp Edge (port1)--- it is tagged between the switch, also on the edge there is a untagged port 2
command:
On the HP core:
dhcp-snooping trust A1, B1???
On the Hp Edge:
dhcp-snooping trust 1 or 2???
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
On the core:
DHCP-snooping trust A1 (this i agree) how about the downlink port to the edge, port B1 to the edge switch, don't I need to trust this port also?
on the edge:
don't I need to put in "port 1" uplink to the edge?
thanks for helping
DHCP-snooping trust A1 (this i agree) how about the downlink port to the edge, port B1 to the edge switch, don't I need to trust this port also?
on the edge:
don't I need to put in "port 1" uplink to the edge?
thanks for helping
Ok, downlink ports no - uplink ports yes. So you are correct, you will need to to it at the uplink port on the edge switch too.
ASKER
So the command will read as following for the TRUST part:
Core:
dhcp-snooping trust A1, B1
Edge:
dhcp-snooping trust 1
correct??
thanks
Core:
dhcp-snooping trust A1, B1
Edge:
dhcp-snooping trust 1
correct??
thanks
Not quite...
Core:
dhcp-snooping trust A1
Edge:
dhcp-snooping trust 1
You don't need to trust the downlinks, just the uplinks, so the ports going towards the DHCP server.
Don't forget to enable dhcp-snooping for the required VLANs.
Core:
dhcp-snooping trust A1
Edge:
dhcp-snooping trust 1
You don't need to trust the downlinks, just the uplinks, so the ports going towards the DHCP server.
Don't forget to enable dhcp-snooping for the required VLANs.
ASKER
Yes, I won't forget the VLAN.
When you refer to Downlink: to you saying from CORE to Edge?
Uplink: Edge to Core?
thanks a million
When you refer to Downlink: to you saying from CORE to Edge?
Uplink: Edge to Core?
thanks a million
Yes that's it :-)
This is a great link...
http://integratingit.wordpress.com/2012/08/13/configuring-dhcp-snooping-on-hp-procurve-switches/