so, for my own understanding, are we saying unicast DHCP refresh is still handled ok by the DHCP snooping feature? Is it more a problem of DHCP server restart and/or switch reload?
Thanks! On Mon, Aug 10, 2015 at 4:09 PM, Mike <mike-cisconspl...@tiedyenetworks.com> wrote: > On 08/10/2015 06:42 AM, a.l.m.bu...@lboro.ac.uk wrote: > >> Hi, >> >> I've just now discovered a cli command - 'ip dhcp snooping binging >>> ....' - which allows me to directly inject the needed information. >>> This would solve my short term problem and let me get back to a >>> reasonably well populated dhcp snooping table, but the question >>> becomes, is this going to just be what I do if this issue crops up >>> again or is there any configuration work I could do that would make >>> the switch able to maintain this table itself? >>> >> IIRC you need to have the switch see the full original DHCP request >> and not just the half-time refresh....which makes DAI quite painful >> because if the switch has reloaded, then clients that stay up will end up >> failing >> UNLESS you save the state to flash before a reload. static systems >> on the ports also cause pain as they need to be added manually >> (or you can turn off the security features for that port but then you're >> opening >> up attacks via that port....especially bad if its on the same VLAN as >> the other protected ports!). >> >> ip dhcp snooping database is the option for saving/recording the >> translations >> (flash, URL, TFTP etc) >> >> alan >> >> \ >> > > Actually, I have that already and yes it works and yes it reloaded the db > when I reloaded when trying out the SE7 code. My issue is that due to some > reason I still don't comprehend, the snooping database was seriously out of > whack and the clients were only doing that half time refresh, which wasn't > enough to let this ship right itself. Still trying to understand how this > came to be. > > Thank you. > > > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/