(iv) Cisco DHCP snooping instance 2-multi-switch environment (DHCP server and DHCP client in different VLANs)

Test topology

Environment: DHCP server and client are in different network segments

Configuration of DHCP server

No IP routing IP dhcp pool vlan27    172.28.27.0 255.255.255.0   172.28.27.254    172.28.28.15 172.28.28.16  172.28.28.254

configuration of the L3-switch

interface Vlan27 IP DHCP relay information trusted172.28.27.254 255.255.255.0 IP helper-address 172.28.28.253

Access Switch configuration

IP DHCP snooping VLANIP dhcp snoopinginterface GigabitEthernet0/1mode  trunk media-  type Duplex Full no negotiation auto IP DHCP snooping trust

Description: The L3 switch here also needs to configure IP DHCP relay information trusted command (within the VLAN) or globally configure IP DHCP relay information trust-all , the original example of the previous blog is the same reason

Because the Access-switch access layer switch turns on IP DHCP snooping information option by default, At this point the access layer switch inserts the OPTION82 information into the DHCP request message from the client (see here for option82), because DHCP server and the client are in the same network segment and are not DHCP relay agents, for Cisco's DHCP In the case of a server, if a request packet with Option82 is received, it is considered a request message from a DHCP relay agent, and the Giaddr field of the message is checked, but because it belongs to the same network segment, the field is 0.0.0.0 DHCP. The server will consider an illegal address, and this message will be discarded, causing the client to obtain no IP address

(iv) Cisco DHCP snooping instance 2-multi-switch environment (DHCP server and DHCP client in different VLANs)