Unsolved
This post is more than 5 years old
1 Rookie
•
62 Posts
0
6466
Force10 MXL 10/40 dhcp snooping issue
Hello, community, I'm trying to implement "DHCP Snooping" on Dell Force10 MXL switches, but looks like those switches behave differently if we compare to other vendors. Can somebody point to correct CLI command, if I missed something?
What we have:
Dell Force10 MXL 10/40 - software version 9.9
ip dhcp snooping ip dhcp snooping vlan 1-4094 ip dhcp snooping trust ( on the interface level for required ports )
I also tried to add, but it didn't change anything
ip dhcp relay information-option trust-downstream
In the logs I'm seeing following repeated messages:
DHCP message from server((null)) has no giaddr present - repeated 3 times
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 31st, 2018 10:00
Are you wanting to relay DHCP requests from one VLAN to another? If so, I believe you need to configure the ip helper address.
# ip helper-address {DHCP server IP Address}
http://dell.to/2DRBaiu
murmanov
1 Rookie
1 Rookie
•
62 Posts
0
January 31st, 2018 11:00
This configuration from switch with server connected to it and at this moment we're trying to implement snooping in single vlan. Port with server was configured as trust and after that this message appeared in the log and non of the clients are getting ip from this server.
I believe there should be option to allow empty giaddr field like it exist on Cisco gears
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 31st, 2018 12:00
I see, thanks for the extra information. Taking out the DHCP relay portion should take care of option 82 being used.
# No ip dhcp relay information-option trust-downstream
Just to confirm, the trust mode command is on the server facing interface?
Can you please post up the output from the following command?
# show ip dhcp snooping
murmanov
1 Rookie
1 Rookie
•
62 Posts
0
January 31st, 2018 12:00
Here is current config, dhcp snooping disabled globally since chassis is in production at this moment
Ports number 44 are uplinks, 9 and 4 are dhcp servers half-size blades.
I tried both options with and without "information-option trust-downstream", but nothing changed
murmanov
1 Rookie
1 Rookie
•
62 Posts
0
February 1st, 2018 06:00
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
February 1st, 2018 06:00
I was running through the commands you have implemented and received a warning when issuing the snooping vlan command.
Dell(conf)#ip dhcp snooping vlan 1-4094
% Warning: Snooping cannot be enabled on default vlan.
Did you run into this same message? Or has the default VLAN been changed?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
February 1st, 2018 07:00
For some reason I was thinking this was all on VLAN 1. In the show output, were there any VLANs listed after
If not, can you please try just enabling the snooping on VLAN 30?
murmanov
1 Rookie
1 Rookie
•
62 Posts
0
February 2nd, 2018 00:00
Hello, Daniel, thanks for your help
Sorry for confusing situation, let me clarify everything one more time in order to give you more wide understanding about existing issue. You're not seeing list of VLANs because there were 4094, one in a row, that's why I didn't post them.
We have tested 2 different cases for dhcp snooping feature in chassis switch, I'll provide explanation below:
1. MXL 10/40 connected to Cisco ToR switch, DHCP client connected to MXL switch and DHCP server connected to ToR switch. In this configuration everything was fine, MXL determined DHCP client host, added entry to snooping table and etc. Everything in the same VLAN
2. DHCP server and client connected to MXL switch, same configuration, server's port configured as trusted, but DHCP client never receives IP from the server
We tried different DHCP servers, dnsmasq and isc-dhcpd
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
1
February 2nd, 2018 05:00
Thanks, I just wanted to be sure the VLANs were listed. I could not find a command that would allow for zero giaddr. I would like to help look into this further and have sent you a private message requesting some additional logs from the switch. I look forward to hearing from you.
murmanov
1 Rookie
1 Rookie
•
62 Posts
0
February 7th, 2018 01:00
Found post similar to mine. Just adding here for history
https://www.dell.com/community/Networking/DHCP-snooping-between-multiple-switches-and-how-to-make/m-p/5173077
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
February 19th, 2018 13:00
For anyone else experiencing similar behavior. What we found was that the switch may need to have DHCP relay enabled, even if the interface is layer 2. The switch will also need to have each VLAN created on it, and snooping enabled on that VLAN.