dhcp snooping

Hello,

I am playing around with DHCP Snooping on a switch before I deploy the config out. I have a very simple lab: a router that provides DHCP to a switch with a host on it. I enabled DHCP snooping on my VLAN and on the switch:

IT_SWITCH#sh run | i snooping
ip dhcp snooping vlan 1
ip dhcp snooping

No trusted ports have been configured on any port, even the trunk to the router, so technically I shouldn't get a DHCP IP address to my host. Correct? If so, I am. Am I doing something wrong? No trusted port was configured, so I should not get DHCP.
Shark Attack (Network admin) asked:

Hemil Aquino (Network Engineer) commented:
Exactly, if you don't have any trusted port, any DHCP broadcast will be dropped. You'd need to give a specific port the right to become a trusted port to send DHCP traffic to the network, followed by the trunk.
0
Shark Attack (Network admin, Author) commented:
Right, and I am saying that it's not working. I am still getting a DHCP address and I haven't configured any trusted port on the switch.
0
Hemil Aquino (Network Engineer) commented:
Did you enable ip dhcp snooping globally? A lot of people forget about this command; without it you will be seeing the DHCP broadcast.

Here is what you need on your switch:

- ip dhcp snooping
- ip dhcp snooping vlan (whatever number you want to apply it to)

Configure the interface with the trust:

ip dhcp snooping trust

Hope it helps.
0
JustInCase commented:
If you are using a router that is directly connected to the SVI as the DHCP server, DHCP snooping will work. ip dhcp snooping trust is needed only in the direction of the DHCP server. DHCP snooping only drops DHCPoffer and DHCPack from untrusted ports. Also, here ip dhcp snooping is applied only to VLAN 1; if the DHCP client is currently in any other VLAN, DHCP snooping will not work. To apply DHCP snooping to VLANs 1-4094:
ip dhcp snooping vlan 1-4094
1
Shark Attack (Network admin, Author) commented:
So you're saying that if the router is a DHCP device connected to an SVI on a switch, then I don't need snooping trust configured. Correct?
0
Shark Attack (Network admin, Author) commented:
Take a look at the image and my config below. As you see, I am using VLAN 100 only. I have DHCP snooping enabled globally and for VLAN 100; nothing else is configured. I have no DHCP snooping trust on g0/14, which goes to that router configured with DHCP. I tested this and it works, I am getting DHCP to the host.
map.png
TEST_SW#sh run | i snooping
ip dhcp snooping vlan 100
ip dhcp snooping
TEST_SW#
TEST_SW#
TEST_SW#sh run int g0/14
Building configuration...

Current configuration : 155 bytes
!
interface GigabitEthernet0/14
 description TO ROUTER
 switchport trunk native vlan 100
 switchport mode trunk
 switchport nonegotiate
 no keepalive

TEST_SW#sh run int vl 1
Building configuration...

Current configuration : 48 bytes
!
interface Vlan1
 no ip address
 shutdown
end
end

0
Hemil Aquino (Network Engineer) commented:
Based on your image above:

R1 will be sending DHCP broadcasts to your untrusted VLAN 100 on your switch. At this point traffic should be rejected because you don't have any trusted port enabled.

Verify that you don't have your switch configured as DHCP, or maybe something else that might be causing the issue of receiving IP addresses.
0
Shark Attack (Network admin, Author) commented:
I've re-created the scenario in Packet Tracer and it's the same thing. I have no DHCP trusts configured anywhere and I'm still getting DHCP addresses. In Packet Tracer, I configured a standalone DHCP server separate from the Cisco devices, on a different VLAN separate from the host VLAN, and I'm still getting an IP. This is really bugging me.
0
Hemil Aquino (Network Engineer) commented:
Alright dude, don't get worked up, that's why we are here to help you. I will be sending you a Packet Tracer file so you can check my configuration. But I don't recommend people use Packet Tracer with this kind of scenario. Use GNS3 instead.

I think you need to add both to the ip snooping command (VLAN 1, 100) in your case.
I see you are trunking. Here is my Packet Tracer file. As you will see, I am not getting any IP address on that machine.
The only command I've used on the switch was
ip dhcp snooping
ip dhcp snooping vlan 1,100
Snooping.txt
0
Shark Attack (Network admin, Author) commented:
Well, that's interesting. It's clearly working for you.
I can see you have the below:

no ip dhcp snooping information option
and you have VLAN 1 added too:
ip dhcp snooping vlan 1,100

I don't see how that makes a difference since my VLAN 1 is shut down.

Also, I see you're working with a Layer 2 switch. Would you be able to replicate this on Layer 3?
0
Hemil Aquino (Network Engineer) commented:
The concept is the same in all the switches. Don't use Packet Tracer to do snooping, it tends to be buggy.
0
Shark Attack (Network admin, Author) commented:
I am using real equipment and still having the same issue. I know I'm not doing anything wrong. I'm using a 3560 with no config on it except VLAN and DHCP snooping. Getting DHCP IP to hosts without the trust port.
0
JustInCase commented:
Can you please paste the full device configurations and make sure that the PC does not have a static IP address configured on the interface?
0
Shark Attack (Network admin, Author) commented:
Here you go. No static on my PC at all.

TEST_TEST#sh run
Building configuration...

Current configuration : 1460 bytes
!
! Last configuration change at 14:42:27 UTC Thu Nov 2 2017
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TEST_TEST
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
!
!
!
!
!
!
ip dhcp snooping vlan 1-4094 smartlog
no ip dhcp snooping information option
ip dhcp snooping
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/6
 description HOST
 switchport access vlan 100
 switchport mode access
 spanning-tree portfast edge
!
interface GigabitEthernet0/10
 description UPLINK
 switchport trunk allowed vlan 100
 switchport trunk native vlan 100
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan100
 ip address 10.90.9.253 255.255.255.0
 no ip route-cache
!
ip forward-protocol nd
ip http server
ip http secure-server
!
!
!
!
!
line con 0
line vty 5 15
!
!
end

TEST_TEST#sh ip dhcp snooping
Switch DHCP snooping is enabled
Switch DHCP gleaning is disabled
DHCP snooping is configured on following VLANs:
1-4094
DHCP snooping is operational on following VLANs:
1,100
Smartlog is configured on following VLANs:
1-4094
Smartlog is operational on following VLANs:
1,100
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is disabled
   circuit-id default format: vlan-mod-port
   remote-id: ec1d.8bac.2d00 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface                  Trusted    Allow option    Rate limit (pps)
-----------------------    -------    ------------    ----------------


TEST_TEST#sh ip dhcp snooping statistics
 Packets Forwarded                                     = 27
 Packets Dropped                                       = 0
 Packets Dropped From untrusted ports                  = 0

0
Shark Attack (Network admin, Author) commented:
By the way, used no option 82 and with 82 and no difference, still getting DHCP to host.
0
Shark Attack (Network admin, Author) commented:
Here is a debug of DHCP snooping I took:

TEST_TEST#
Nov  2 15:36:41.468: %SYS-5-CONFIG_I: Configured from console by console
Nov  2 15:36:42.863: %LINK-3-UPDOWN: Interface GigabitEthernet0/6, changed state to down
Nov  2 15:36:45.400: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:45.400: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:36:45.404: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:45.404: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:36:45.404: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6,
TEST_TEST# MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:45.404: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:45.404: DHCP_SNOOPING: add relay information option.
Nov  2 15:36:45.404: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:36:45.404: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:36:45.404: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:36:45.404: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:36:45.404: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
Nov  2 15:36:45.425: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:45.425: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:36:45.425: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:45.425: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:36:45.425: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6, MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:45.425: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:45.425: DHCP_SNOOPING: add relay information option.
Nov  2 15:36:45.425: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:36:45.425: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:36:45.425: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:36:45.428: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:36:45.428: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
Nov  2 15:36:47.337: %LINK-3-UPDOWN: Interface GigabitEthernet0/6, changed state to up
Nov  2 15:36:48.340: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/6, changed state to up
Nov  2 15:36:48.497: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:48.497: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:36:48.497: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:48.497: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:36:48.497: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6, MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:48.497: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:48.497: DHCP_SNOOPING: add relay information option.
Nov  2 15:36:48.497: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:36:48.497: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:36:48.497: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:36:48.497: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:36:48.501: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
Nov  2 15:36:54.663: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:54.666: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:36:54.666: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:36:54.666: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:36:54.666: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6, MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:54.666: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:36:54.666: DHCP_SNOOPING: add relay information option.
Nov  2 15:36:54.666: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:36:54.666: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:36:54.666: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:36:54.666: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:36:54.666: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
TEST_TEST#
Nov  2 15:37:11.618: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:37:11.618: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:37:11.618: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:37:11.618: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:37:11.618: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6,u   MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:37:11.618: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:37:11.618: DHCP_SNOOPING: add relay information option.
Nov  2 15:37:11.618: DHCP_SNOOPING_SW: encoding opt82 cin vlan-mod-port format
Nov  2 15:37:11.618: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:37:11.618: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:37:11.622: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:37:11.622: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
Nov  2 15:37:15.736: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:37:15.736: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:37:15.736: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:37:15.736: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:37:15.736: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6, MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:37:15.736: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:37:15.736: DHCP_SNOOPING: add relay information option.
Nov  2 15:37:15.736: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:37:15.736: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:37:15.736: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:37:15.739: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:37:15.739: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
Nov  2 15:37:22.845: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:37:22.845: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:37:22.845: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:37:22.845: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:37:22.849: DHCP_SNOOPING: process new DHCP packet, message type: DHCPREQUEST, input interface: Gi0/6, MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 0.0.0.0, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:37:22.849: DHCP_SNOOPING: message type : DHCPREQUEST DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:37:22.849: DHCP_SNOOPING: add relay information option.
Nov  2 15:37:22.849: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:37:22.849: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:37:22.849: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:

Nov  2 15:37:22.849: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:37:22.849: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.

0
Shark Attack (Network admin, Author) commented:
Here is the interesting one:

Nov  2 15:49:58.288: DHCP_SNOOPING_SW: bridge packet get invalid mat entry: FFFF.FFFF.FFFF, packet is flooded to ingress VLAN: (100)
Nov  2 15:49:58.288: DHCP_SNOOPING_SW: bridge packet send packet to cpu port: Vlan100.
Nov  2 15:50:03.276: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:50:03.276: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Vl100 for pak.  Was Gi0/6
Nov  2 15:50:03.276: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Gi0/6 for pak.  Was Vl100
Nov  2 15:50:03.276: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)
Nov  2 15:50:03.279: DHCP_SNOOPING: process new DHCP packet, message type: DHCPINFORM, input interface: Gi0/6, MAC da: ffff.ffff.ffff, MAC sa: 507b.9d72.dfc4, IP da: 255.255.255.255, IP sa: 10.90.9.52, DHCP ciaddr: 10.90.9.52, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:50:03.279: DHCP_SNOOPING: message type : DHCPINFORM DHCP ciaddr: 10.90.9.52, DHCP yiaddr: 0.0.0.0, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 507b.9d72.dfc4
Nov  2 15:50:03.279: DHCP_SNOOPING: add relay information option.
Nov  2 15:50:03.279: DHCP_SNOOPING_SW: encoding opt82 cid in vlan-mod-port format
Nov  2 15:50:03.279: DHCP_SNOOPING_SW: Encoding opt82 RID in MAC address format
Nov  2 15:50:03.279: DHCP_SNOOPING: binary dump of relay info option, length: 20 data:
Nov  2 15:50:03.279: 0x52
Nov  2 15:50:03.279: 0x12

0
JustInCase commented:
The last one is interesting. :)
Host is informed about extension of IP address that was previously assigned by DHCP server. DHCP information was not negotiated by "normal" process (Server should reply with DHCPoffer and DHCPack). Looks like host is informing server that it will use specific IP address.  I am not familiar with this process.
DHCPInform

DHCPInform is a new DHCP message type, defined in RFC 2131, used by computers on the network to request and obtain information from a DHCP server for use in their local configuration. When this message type is used, the sender is already externally configured for its IP address on the network, which may or may not have been obtained using DHCP.  
0
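Added example, not part of the original thread: a Python sketch that tallies the `process new DHCP packet` debug lines in the format posted above, per client MAC, and flags a client that claims an address (non-zero ciaddr) with no DHCPACK in the capture, which is the pattern in the DHCPINFORM trace. The second client, the server MAC and addresses, the constructed server-side lines and all function names are assumptions made for the sample.

```python
import re
from collections import defaultdict

# Field layout of the "process new DHCP packet" debug line posted in this thread.
PKT_RE = re.compile(
    r"DHCP_SNOOPING: process new DHCP packet, message type: (?P<type>DHCP\w+), "
    r"input interface: (?P<port>[\w/]+),.*?DHCP ciaddr: (?P<ciaddr>[\d.]+),"
    r".*?DHCP chaddr: (?P<chaddr>[0-9a-f.]+)"
)
SERVER_TYPES = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}


def debug_line(ts, mtype, port, mac_sa, ip_sa, ciaddr, chaddr, yiaddr="0.0.0.0"):
    """Build one debug line in the thread's format (sample data only)."""
    return (
        f"Nov  2 {ts}: DHCP_SNOOPING: process new DHCP packet, message type: "
        f"{mtype}, input interface: {port}, MAC da: ffff.ffff.ffff, "
        f"MAC sa: {mac_sa}, IP da: 255.255.255.255, IP sa: {ip_sa}, "
        f"DHCP ciaddr: {ciaddr}, DHCP yiaddr: {yiaddr}, DHCP siaddr: 0.0.0.0, "
        f"DHCP giaddr: 0.0.0.0, DHCP chaddr: {chaddr}"
    )


def summarize(log_text):
    """Per client MAC (chaddr): message-type counts, ingress ports, claimed IPs."""
    clients = defaultdict(
        lambda: {"types": defaultdict(int), "ports": set(), "claimed": set()}
    )
    for line in log_text.splitlines():
        m = PKT_RE.search(line)
        if not m:
            continue  # other debug lines (opt82 encoding, bridging) are ignored
        c = clients[m["chaddr"]]
        c["types"][m["type"]] += 1
        c["ports"].add(m["port"])  # ingress port of any packet about this client
        if m["ciaddr"] != "0.0.0.0":
            c["claimed"].add(m["ciaddr"])  # client says it already owns this IP
    return clients


def findings(clients):
    """Flag clients whose address cannot have come from a reply in this capture."""
    out = []
    for mac, c in sorted(clients.items()):
        if c["claimed"] and "DHCPACK" not in c["types"]:
            out.append((mac, "address-without-ack", sorted(c["claimed"])))
        elif not SERVER_TYPES & set(c["types"]):
            out.append((mac, "no-server-reply", []))
    return out


HOST = "507b.9d72.dfc4"  # client MAC from the thread
LAB = "0011.2233.4455"   # constructed second client
SRV = "0000.5e00.5301"   # constructed server MAC
SAMPLE_LOG = "\n".join([
    # Values from the thread's two traces (host on Gi0/6).
    debug_line("15:36:45.404", "DHCPREQUEST", "Gi0/6", HOST, "0.0.0.0", "0.0.0.0", HOST),
    debug_line("15:50:03.279", "DHCPINFORM", "Gi0/6", HOST, "10.90.9.52", "10.90.9.52", HOST),
    "Nov  2 15:50:03.279: DHCP_SNOOPING: add relay information option.",
    # Constructed: a client completing a normal exchange, replies arriving on Gi0/10.
    debug_line("16:00:01.000", "DHCPDISCOVER", "Gi0/7", LAB, "0.0.0.0", "0.0.0.0", LAB),
    debug_line("16:00:01.010", "DHCPOFFER", "Gi0/10", SRV, "10.90.9.1", "0.0.0.0", LAB, "10.90.9.70"),
    debug_line("16:00:01.020", "DHCPREQUEST", "Gi0/7", LAB, "0.0.0.0", "0.0.0.0", LAB),
    debug_line("16:00:01.030", "DHCPACK", "Gi0/10", SRV, "10.90.9.1", "0.0.0.0", LAB, "10.90.9.70"),
])

if __name__ == "__main__":
    for mac, kind, addrs in findings(summarize(SAMPLE_LOG)):
        print(mac, kind, ", ".join(addrs))
```

On real console output, rejoin any debug line that the CLI prompt has split in two before parsing, since the pattern matches one packet per line.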
Shark Attack (Network admin, Author) commented:
I think it might be the router. I cannot clear ARP off of it. Once I do, the DHCP address comes back in ARP as "incomplete" but it's still there. Then as soon as I plug the PC into the port, I immediately get the same IP, which is weird.
0
JustInCase commented:
Inform is used by computers.  
DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/6)

DHCP_SNOOPING: process new DHCP packet, message type: DHCPINFORM,
Packet is received by interface Gi0/6.
0
Shark Attack (Network admin, Author) commented:
Should I try a different computer?
0
JustInCase commented:
You can try anything.
One problem that is hard to solve makes you learn way much more about how things work than 100 smooth implementations.
 :)
0
Shark Attack (Network admin, Author) commented:
I actually shut down the interface to the host and configured "ip dhcp excluded-address 10.90.9.50 10.90.9.60" and I still got the same 53 IP.
0
JustInCase commented:
Mystery almost solved, the host is somehow auto-configuring itself. I saw a few times that there is a secondary IP address configured on the network card (Advanced button on Windows hosts).
0
Shark Attack (Network admin, Author) commented:
Alright. Mystery solved. It was the laptop. I got a non-desktop/laptop host. Connected to the switch. Works like a charm. Played around with different scenarios, and it was blocking until I configured the trust port. Definitely something in the Windows auto-config. Thanks for all your help!
0
Shark Attack (Network admin, Author) commented:
Thank you!!
0
JustInCase commented:
You're welcome.
0