Comware

Hi all,
I have several 28/2600 switches and I want to enable dhcp-snooping.

I configure it like this:

dhcp-snooping
dhcp-snooping authorized-server [ip-addr]
dhcp-snooping vlan [vlan]
no dhcp-snooping option 82
dhcp-snooping trust [interface]

And it seems to be working.

However when a switch is connected to another switch, the dhcp logg in my server starts filling up with DHCPDISCOVER's from both switches. Like this:

May 6 18:18:38 dhcpd: DHCPOFFER on 89.253.73.50 to xx:xx:xx:xx:xx:xx via 10.100.225.2
May 6 18:18:38 dhcpd: DHCPDISCOVER from xx:xx:xx:xx:xx:xx via 10.100.225.3
May 6 18:18:38 dhcpd: DHCPOFFER on 89.253.73.50 to xx:xx:xx:xx:xx:xx via 10.100.225.3
May 6 18:18:38 dhcpd: DHCPDISCOVER from xx:xx:xx:xx:xx:xx via 10.100.225.3

It seems that the switches them selves send the DHCPDISCOVER unicast to the server. Is that the correct behaviour?

Does anybody have any experience with dhcp-snooping on these switches? The manual doesn't say much...

Best regards

AFAIK DHCP-snooping only works if the routing enabled on the HP Procurve switch. This is the biggest HP Procurve DHCP-snooping implementation disadvantage.

Thank you for you're reply. That's bad news however.

I can't find anything in the manuals, does anybody else have any experience with dhcp-snooping and can confirm the need of ip routing turned on?

Hi !


>Does anybody have any experience with dhcp-snooping on these switches?


I have more or less exacly the same layer 2 configuration on some of our 2650 switches
and it is working, but you need the latest
firmware H.10.35 if you want a stable dhcp snooping solution.

Roar,
Are you using this feature without ip routing enabled?

I'm running H.10.31, are you saying HP made improvements to the dhcp-snooping feature in later code?

DHCP snooping is working without routing enabled.

For updates and DHCP documentation always refer to the latest release notes:
ftp://ftp.hp.com/pub/networking/software/2600-RelNotes-h1035-59906003.pdf

And here you will find that two bugs have been fixed:
Crash (PR_1000392148) â Repeatedly toggling DHCP Snooping on and off may crash the
switch with a message similar to: Software exception at bcmHwDsnoop.c:195 -- in
'mAdMgrCtrl', task ID = 0x65a3370 -> BCM ASIC call failed: Table full.


DHCP Snooping (PR_1000403133) â DHCP-Snooping stops working after some period
of time.


Have fun

>Are you using this feature without ip routing enabled?

Yes.

>I'm running H.10.31, are you saying HP made improvements to the dhcp-snooping feature in later code?

Advise you to upgrade to H.10.35.

Hi,

I have another issue. 2650 with H 10.50 and 3500 with K 12.51 connected via a trunked uplink (2 ports bundled) and dhcp server connected to the 3500. I am trying to implement dhcp-snooping on 2650 and am getting error message while trying to configure "interface trk1 dhcp-snooping trust" in order to receive dhcp offer thru this trunked uplink. Message says that I can not configure this feature on trunked interfaces. How do i then achieve dhcp snopping thru switch to switch uplinks which are bundled?

Thanks

hi
when other switch connected before check uplink port trust port
you make sucessfull dhcp-snooping config

switch to switch link and switch to dhcp server link ports assign trust port other all ports untrust

good luck