I. Working principle:
A. After DHCP snooping is enabled for the specified VLAN, its ports are divided into trusted interfaces and untrusted interfaces. By default, all interfaces in the VLAN become untrusted interfaces, and trusted interfaces need to be set manually.
B. An untrusted interface can only receive DHCP request messages; the switch does not send DHCP request messages out of this interface.
C. DHCP response messages that enter through an untrusted interface are dropped.
D. For a trusted interface, there is no restriction and no inspection.
---After testing, this is not true: a trusted interface does not send a DHCP response packet if no DHCP request packet has entered
---When both the DHCP server and the DHCP client are on trusted interfaces, the DHCP client is able to obtain an IP address normally
---That is, the DHCP response packet is sent when a DHCP request packet has entered the trusted port
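Rules A to D above, as a simplified model of the switch's forwarding decision. This is an added example, not the switch's actual implementation or code from the original article. The class, port names and addresses are constructed, and delivering a response to the port where the request entered is a modelling assumption.

```python
# Simplified model of DHCP snooping forwarding decisions (added example).
# Port names, MAC and IP addresses are constructed sample values.
from dataclasses import dataclass, field

CLIENT_MSGS = {"DISCOVER", "REQUEST"}
SERVER_MSGS = {"OFFER", "ACK"}

@dataclass
class SnoopingVlan:
    trusted: set = field(default_factory=set)     # rule A: no port is trusted by default
    pending: dict = field(default_factory=dict)   # client MAC -> port the request entered
    bindings: dict = field(default_factory=dict)  # client MAC -> (ip, port)

    def receive(self, in_port, msg_type, client_mac, ip=None):
        """Return the set of ports the message is forwarded out of."""
        if msg_type in CLIENT_MSGS:
            # Rule B: requests are accepted on any port, but are sent out
            # of trusted ports only, never out of untrusted ones.
            self.pending[client_mac] = in_port
            return self.trusted - {in_port}
        if msg_type in SERVER_MSGS:
            # Rule C: a response entering an untrusted port is dropped.
            if in_port not in self.trusted:
                return set()
            # Modelling assumption: deliver to the port the request came from.
            out_port = self.pending.get(client_mac)
            if out_port is None:
                return set()
            # Bindings are recorded for clients on untrusted ports only.
            if msg_type == "ACK" and out_port not in self.trusted:
                self.bindings[client_mac] = (ip, out_port)
            return {out_port}
        return set()

def demo():
    """Client on Fa0/2, rogue server on Fa0/3, real server on trusted Fa0/1."""
    sw = SnoopingVlan(trusted={"Fa0/1"})
    mac = "00:00:5e:00:53:01"
    return {
        "discover": sw.receive("Fa0/2", "DISCOVER", mac),
        "rogue_offer": sw.receive("Fa0/3", "OFFER", mac, "192.0.2.66"),
        "offer": sw.receive("Fa0/1", "OFFER", mac, "192.0.2.10"),
        "request": sw.receive("Fa0/2", "REQUEST", mac),
        "ack": sw.receive("Fa0/1", "ACK", mac, "192.0.2.10"),
        "bindings": dict(sw.bindings),
    }

if __name__ == "__main__":
    for step, result in demo().items():
        print(step, result)
```

With no trusted port configured (the default in rule A), a client request is forwarded nowhere, which is why the server-facing port must be set as trusted manually.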
In addition, the test also found that:
① For Cisco routers, if you modify the interface MAC address, the switch does not detect that it is forged, and the router finally gets an IP address and is entered into the DHCP snooping binding table
② But I don't know why it looks like the switch can recognize Windows hosts that modify their MAC addresses
---Although the host successfully obtained an IP address from the DHCP server, no record is added to the DHCP snooping binding table
---After emptying the switch configuration and restarting, this situation does not appear. I wondered how the switch recognizes it?
---After rebooting the switch, the Windows host likewise flushes out the router's record in the switch's DHCP snooping binding table
③ Within the same VLAN, the CAM table will not record a duplicate MAC address entry, and the later one will flush out the
---Even if the Windows host's modified interface MAC address is detected by DHCP snooping, the CAM table is still updated
---If the duplicate MAC address belongs to a different VLAN, it is recorded by the CAM table
II. Test topology: