Cisco Switches :: ESW 520 IGMP Snooping?

Sep 25, 2011

I have to deploy a full IP-TV solution and the IGMP snooping must be supported on the switch.

I know the the ESW 520 support this protocol but the full IP-TV solution will manage uo to 200 set up boxes, does this switch support all this traffic?

I also have another question, what exactly mean "Combo SFP slots include one 10/100/1000BASE-T Ethernet port and 1 SFP-based Gigabit Ethernet slot for fiber, 1 port active at a time." ? Is when I use 1 port with LX sfp transcever the 3 other uplink ports will be inactive and I can't add another or trunk it with another switch?

View 2 Replies


ADVERTISEMENT

Cisco Switches :: Setting Up IGMP Snooping On SG 300-10

Oct 3, 2011

i want to setup IGMP Snooping on the Managed Switch SG 300-10. I do it over the webinterface. Enable Bride Multicast Filtering, Forwarding Method IP Group Address and enable IGMP Snooping v3. In the local Network i stream up to 4 Multicast streams 239.1.1.1-239.1.1.4. The client vor the Multicast are IP setupboxes. If i connect PRTG Network Monitor over SNMP to see the Traffic on the ports i see that all Multicast streams are at every port. What is the false i do? I thought only the multicast stream that is shoosen at the client are forwarding and not all multicast streams. The IP STBs have only a 100Mbit network adapter and i have to muticast over 10 Streams (10Mbit per stream) over the local VLAN. So i think IGMP Snooping is the solution for me. Or need i also a Multicast router?

View 1 Replies View Related

Cisco Switches :: Setting Up IGMP Snooping On SG300

Apr 3, 2012

I have some problems with IGMP snooping feature on the SG300 switch. I want to filter multicast dinamycally with IGMP snooping. To configure our switch I use the web page: - In Multicast I first enable: Bridge Multicast  Filtering Status Thzn I enable IGMP snooping ,Then I enable IGMP Snooping on my VLAN During my tests I stream a video (UDP multicast). This stream is present on all the ports of my VLAN with IGMP snooping normally configured. Also, I can't see any entry in the IGMP/MLD IP Multicast Group  Table where I should normally see my multicast address.

View 4 Replies View Related

Cisco Switching/Routing :: 861 Do Not Use IGMP Snooping?

Nov 21, 2011

I useing Cisco861  : C861-universalk9-mz.124-24.T3.bin on my Cisco861 the command "ip pim dense-mode","ip igmp static-group "command does not exist,
 
router(config)# ip p?
port-map    prefix-list
router(config)#

[Code]....

View 4 Replies View Related

Cisco Routers :: SRP527W VPN For MAC To Run IGMP Snooping

Sep 12, 2012

I have a network which is based upon a 4507 Core/Dist switch, with 1G fibre to a bunch of radially connected 2960 Access switches. It all works fine and as expected for data and telephony.I have been tasked with setting up one of the VLANs to support multicast, so a bunch of video streams will be injected at the 4507, and will be delivered to client PCs connected to the 2960 switches.The 4507 is running with SVIs to some VLANs, but the VLAN that will have the Multicast on it is isolated, with no SVI.I could change this if required,I need to run IGMP snooping, and probably deploy CGMP to take advantage of the Cisco-proprietary functionaity.

View 4 Replies View Related

Cisco Switching/Routing :: IGMP Snooping On 3560

Nov 28, 2012

how to configure igmp snooping on a 3560.
 
I have a pure L2 switching network and 2 hosts on the same vlan that want to communicate a protocol between each other using multicast packets.
 
I wanted to configure ip snooping only on this vlan and create a multicast group limited to only these 2 host ir order to make sure that the multicast traffic is only between both of them.
 
Since both are sender and receiver I´m not quite sure on how to configure this. In theory I also need to set an IP Multicast Address on the switch to where the hosts will send their multicast packets.
 
This is basically the network:
 
HOST_A---|SWITCH_A|==|SWITCH_B|---HOST_B

View 11 Replies View Related

Cisco Switching/Routing :: IGMP Snooping On The Cat3560?

Oct 10, 2012

In the following topology
 
R1(f0/0)------------(f0/1)SW1(f0/2)------------R2
  
R1 is configured as host (no ip routing) with ip igmp join 239.10.10.10 on fa0/0 and R2 with ip pim sparse-mode on f0/0. SW1 is a Catalyst 3560 running IOS 12.2(25)SEE4 working at Layer 2 only in this topology (VLAN 1).
 
I configured SW1 for igmp snooping:
 
ip igmp snooping
ip igmp snooping vlan 1
  
Basically, I can see 'snooped' muticast group (via IGMP reports sent by R1)
 
SW1#sh ip igmp snooping group
Vlan      Group             Type        Version     Port List
----------------------------------------------------------------
1         224.0.1.40        igmp        v2          Fa0/2
1         239.10.10.10      igmp        v2          Fa0/1, Fa0/2
SW1#
SW1#
SW1#

[code]....

View 4 Replies View Related

Linksys Wireless Router :: E4200 And IGMP Snooping?

Jul 20, 2011

Is the E4200 able to deal with IGMP snooping (v2/v3)?I would like to replace a motorola/netopia vdsl-router which handles internet tv-traffic.

View 4 Replies View Related

Cisco WAN :: IGMP Snooping Configuration For Multicasting On Catalyst 3020

Nov 24, 2011

Our switch model is "Cisco Catalyst Blade Switch 3020 for HP"We are building HA (High Availability) Databases infrastructure.Currently, there are two nodes(hosts- servers) and two above switch for HA.Oracle said we need to turn off the IGMP Snooping in order to use the multicasting for their interconnect communication.So my question is: Is there any way to use Multicasting without turning off IGMP Snooping on Switch side?If 'yes', how can we configure the switch for Multicasting ?Oracle uses 230.0.1.0 & 224.0.0.251 IPs with 42000 range port for Multicasting communication.

View 1 Replies View Related

Cisco Application :: IGMP Snooping Configuration For Multicasting On Catalyst 3020

Nov 24, 2011

IGMP Snooping configuration for Multicasting on Cisco Catalyst 3020 Our switch model is "Cisco Catalyst Blade Switch 3020 for HP" We are building HA (High Availability) Databases infrastructure.Currently, there are two nodes(hosts- servers) and two above switch for HA.Oracle said we need to turn off the IGMP Snooping in order to use the multicasting for their interconnect communication. Is there any way to use Multicasting without turning off IGMP Snooping on Switch side?, If 'yes', how can we configure the switch for Multicasting ?

View 1 Replies View Related

Cisco Infrastructure :: IGMP Snooping Configuration For Multicasting On Catalyst 3020

Nov 24, 2011

IGMP Snooping configuration for Multicasting on Cisco Catalyst 3020 
 
Our switch model is "Cisco Catalyst Blade Switch 3020 for HP" We are building HA (High Availability) Databases infrastructure. Currently, there are two nodes(hosts- servers) and two above switch for HA.
 
Oracle said we need to turn off the IGMP Snooping in order to use the multicasting for their interconnect communication. So my question is:
 
Q1> Is there any way to use Multicasting without turning off IGMP Snooping on Switch side?
 
Q2> If 'yes', how can we configure the switch for Multicasting ?
 
Oracle uses 230.0.1.0 & 224.0.0.251 IPs with 42000 range port for Multicasting communication.

View 1 Replies View Related

Cisco Switching/Routing :: Nexus 7010 - IP IGMP Snooping Querier

Sep 23, 2012

I've got a pair of Nexus 7010's running vPC. I am having a Multicast issue with a cluster of Linux servers that need to talk Multicast for cluster/high-availability operation. All the servers need to talk to a single multicast address and I am having trouble getting them to communicate. I believe I need to enable IP IGMP Snooping Querier on the N7K's and it needs to be enabled on the VLAN where the servers reside. How to enable IP IGMP Snooping Querier on a VLAN ?

View 5 Replies View Related

Cisco Switching/Routing :: Default IGMP Snooping Is Enabled On 3750 From Documents

Nov 14, 2012

We have a 3750 acting as the core. By default IGMP snooping is enabled on cisco 3750 from the documents.but, when we see the ip mroute table on the switch, it doesnt show any output.

View 40 Replies View Related

Cisco Switching/Routing :: IGMP Snooping Configuration For Multicasting On Catalyst 3020

Nov 24, 2011

Our switch model is "Cisco Catalyst Blade Switch 3020 for HP" We are building HA (High Availability) Databases infrastructure.Currently, there are two nodes(hosts- servers) and two above switch for HA.
 
Oracle said we need to turn off the IGMP Snooping in order to use the multicasting for their interconnect communication.So my question is:
 
Q1> Is there any way to use Multicasting without turning off IGMP Snooping on Switch side?
 
Q2> If 'yes', how can we configure the switch for Multicasting ?
 
Oracle uses 230.0.1.0 & 224.0.0.251 IPs with 42000 range port for Multicasting communication.

View 1 Replies View Related

Cisco Switching/Routing :: 6500 / IGMP Snooping - All Mcast Traffic Forwarded To Mrouter Ports?

Mar 22, 2012

I've been looking into IGMP snooping and have read that a L2 switch will forward multicast traffic to all ports connected to an interested receiver AND all mrouter ports. In a L2 'V' topology this results in all multicast traffic routed onto a VLAN being forwarded to the 2nd distribution switch. My question is how should a 6500 Sup720 deal with this unwanted multicast traffic? Both a Local SPAN of the RP and a Netdr capture suggest that this traffic is punted to the RP and ultimately dropped. Is this expected behavior or should the traffic be dropped in H/W?

View 2 Replies View Related

Cisco Switches :: SG300-28P Multicast (IGMP) And Routing

Dec 11, 2012

A brief background on the setup: I recently switched out my switch.  It was a Cisco 3750 10/100 switch and I wanted to upgrade to Gig.  The cost of a Gig+POE 3750 is too much to bite so I opted for the SG300.  My router is a Cisco 891.  Here is the setup:
 
Cisco 891:
two SVI's: vlan1 and vlan 100
Vlan1 = 10.0.1.1/24

[Code].....

With the 891+3750, I was able to add "ip pim sparse-dense-mode" on all the SVI's and hosts could join any multicast group, irregardless of which vlan the host was a member of.
 
Now I've changed switches, and I dont get the same love.  I have the PIM statement on both SVI's on the 891, but Im unsure of what I need to configure on the SG300.  I have enabled "Bridge multicast filtering" + "IGMP snooping".  What can I do to get similar functionality using the SG300 + 891?  I assume this is my lack of understanding IGMP in general, but was able to get away with it using the PIM statements on the 891+3750 stack.

View 4 Replies View Related

Cisco Switches :: SRW2024P-K9-XX DHCP Snooping

Jul 24, 2012

I have an issue with SRW2024P-K9-BR (SG300). Datasheet and configuration guide show me that is possible configure DHCP snooping in this switches, but web interface and console don't appear related menus/commands.
 
I'm using firmware version 1.1.2.0 and didn't found anything about this here.

View 3 Replies View Related

Cisco Switching/Routing :: 3750G / Switches Flooding Multicast Streams But IGMP Enabled?

Nov 3, 2011

I have a 2x Cisco 3750G switches (Stacked) that are part of an IP Video Surveillance System .All network is set to 1 VLAN (VLAN 1 default).The Cisco SWs ( Core )  are configured with IGMP Querier + Snooping .Connected to the Cisco SWs are 4 Fiber Rings(Loops)  for redundancy . RSTP and IGMP Snooping are enabled on all the network SWs .Network Architecture Figure :
 
When all Fiber Rings (Loops ) are connected , the Cisco and Ring SWs spanning-tree tables show the blocked and forwarding ports properly .I am able to connect all my IP Cams + Encoders to the Ring SWs and connect my Servers + WorkStations to the Cisco SWs to record and view the multicast ip streams .All streams from Rings 1 ,3 and 4 are getting normally to the Servers + WorkStations through multicast ( IGMP Snooping are filled correctly on the Cisco and non-Cisco SWs ) . All multicast streams are joined normally except for Ring 2 .The Multicast streams passing through Ring 2 will operate normally for around 2 hours then after that the Fiber SWs begin to flood their multicast traffic causing the cams on the same switch to drop off the network .

I checked the Configuration of all the SWs on Ring 2 but all are are the same .

What is weird is that I have to set all the streams to unicast to stop the flooding just on Ring 2 (All other rings are not affected ) then after some time if I enabled a video multicast stream on one of the SWs of the Ring it will be streamed properly to the Servers + WorkStations ( All IGMP tables along the way will be filled properly ) then again after 2 hours or so , the flooding will start again suddenly and all IGMP  table entries for the SW on Ring2 will be empty . No problem occurs on the other Rings which have more multicast streams .

View 0 Replies View Related

Cisco Switching/Routing :: 2960 - DHCP Snooping Multiple Switches AP Autonomous

May 7, 2013

I have a problem with DHCP. I have two 2960 connected with a port channel on ports 47 and 48 as trunk with native vlan 10. I only have this one vlan. In port 1 of sw 1, I have a C800 as DHCP server.
 
I have an AP autonomous with single ssid on vlan 10. When I connect the AP to sw1, I receive dhcp with no problems.When I connect the AP to sw 2, I’m not getting IP by DHCP.I have DHCP snooping working on vlan 10 on both devices.
 
The ports where I connect the AP are access ports on vlan 10 config as trusted.The trunk ports are also configured as trusted.The port 1 of ws 1 that goes to the C800 is also configured as trusted.
 
figure out why I’m not getting IP by DHCP when I connect the AP to the SW 2.The only I notice is that when I connect the AP to sw 2, I get on SW 1 the message of packet drop by option 82, but even after configuring ip dhcp snooping information option allow-untrusted on both switches, the problem persists.

View 5 Replies View Related

Cisco Switching/Routing :: Apply DHCP Snooping On 4500 Series Switches Working As L2 In Network

Sep 25, 2012

I need to apply DHCP snooping on 4500 series switches working as L2 in my Network. We have external DHCL Server in another location connected with 6500 series switch.   
 
Running EIGRP                                                      Configured Voice & Data Vlan both
DHCP Server -------- 6509 switch<----------------------------------->6509 Switch -------- 4500 switch ----------------------------------------------------------Ip Phones.               
(ving Redundant)                                  (ving Redundant)   
 
I need to know whether the configuration which I mentioned in scenario is enough for apply DHCP snooping in my network.

View 4 Replies View Related

Cisco Switching/Routing :: IP Igmp Filter Command On 2960G?

Jun 21, 2012

I am unable to configure an interface using the "ip igmp filter <profile #>" command on a 2960G running 12.2(58)SE2. The switch allows me to create a profile using the "ip igmp profile <profile #>" global configuration command. It also lets me enable filtering with the global "ip igmp filter" command (which I didn't see in the documentation). But, the command is not accepted when configuring an interface. "ip igmp ?" does not even show "filter" as a valid auto-complete when in configure interface mode, and the command is rejected if I try to enter it.
 
I verified the command worked on a much earlier version of IOS, so it must have broken somewhere along the line. I'm wary of moving up to 15.0(1)SE. Is that a major IOS change?

View 5 Replies View Related

Cisco Switching/Routing :: IGMP On 6500 Versus 4500

Mar 11, 2012

I encountered a problem migrating configuration from Cisco 4500 with IOS 12.2(53)SG4 to Cisco 6500-VSS with IOS 12.2(33)SXI7.
 
With 4500, we had  2 servers with JBoss running multicast to build up the cluster. They used 239.X.X.X multicast IP. There was no need to configure "ip igmp snooping vlan XX static XXXX.XXXX.XXXX interface X" neither static arp entry.
 
When we migrated to 6500 in VSS, we had to do:
 
mac-address-table static XXXX.XXXX.XXXX vlan XX interface X disable-snooping
 
With this command, the JBoss cluster worked well. The question is, ¿Is there any difference regarding IGMP in 4500 versus 6500?

View 3 Replies View Related

Cisco Switching/Routing :: IGMP And QoS On CAT6500 Platform With SUP720 Engine

Mar 27, 2013

I am having problems with IGMP and QoS on CAT6500 platform with SUP720 engine.The problem is, it seems that all IGMP packets are getting marked with DSCP 48 when sent out of the switch regardless of any input service policy. I found several articles saying that PFC QoS does not apply to IGMP packets. However in IOS 15 that should be possible, but I didn't get it to work there either. [code]

View 0 Replies View Related

Cisco Switching/Routing :: 3560E-24TD And IGMP In Layer 2 Environment

Apr 13, 2011

I have 3560e which doesn't appear to be passing igmp traffic to the upstream router
 
PC1 ----------- ASA ------------ PC2--------- 3560e ----------- 3825 -------------------- WAN --------------------- Router ------------- Server
 
My ASA runs SMR, has an igmp forward interface outside command on the inside and has a trunk port to the 3560e (V lans 32 & 48).PC2 is a test pc on the 3560e on vlan32. 3825 is my ISPs router on vlan32.
 
- if i try to access the stream from PC2 it works. 
- if i try to access the stream from PC1, i see the igmp join leave my ASA onto the 3560E (i've captured on the 3560e's link to the ASA). 

I've also captured on the ASA and i can see the igmp packet leave the outside interface but the join doesn't reach the 3825 (i've captured on the 3560e port facing the router and there is no join being forwarded).the switch is running in layer 2, 12.2(35r)SE1.
 
switch#sh ip igmp snooping querierVlan      IP Address               IGMP Version   Port---------Switch# 
Global IGMP Snooping configuration:------------------------IGMP snooping                : EnabledIGMPv3 snooping (minimal)    : Enabled Report suppression    : Enabled TCN solicit query    : Disabled TCN flood query count        : 2Robustness variable          : 2Last member query count      : 2Last member query interval   : 1000

View 2 Replies View Related

Linksys Cable / DSL :: WAG120N Don't See Any Options Where To Enable IGMP On WAN Interface

Jan 12, 2010

I have an WAG120N that works just fine except the IPTV.I don't see any options where I can enable the IGMP on the WAN interface (DSL).In the routing table I see a route 239.0.0.0 255.0.0.0 gw 0.0.0.0 that is only for LAN interface.how to enable the IGMP on the WAN interface. 

View 6 Replies View Related

Cisco LAN :: C2950 IOS For DHCP Snooping And DAI

Oct 10, 2012

What image i would need for my 2950 to enable DHCP snooping and DAI features (just for lab purpose)?
 
or are these features just available on the bigger modular switches (4500 and 6500)?
 
>sh ver
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8a, RELEASE SOFTWARE (fc1)

[Code].....

View 4 Replies View Related

Cisco :: No Entry In DHCP Snooping Database?

Apr 29, 2011

an attacker have configured his PC with an static IP address but there is no such entry configured statically in switch, neither in DHCP snooping database.now when he want to generate traffic will switch block him? because there is no entry of his PC in the switch database.

View 2 Replies View Related

Cisco Wireless :: WLC 5508 - Bonjour Snooping

May 5, 2013

Have 7.4 installed and configured for Bonjour Snooping. All is working, but working too well. We have a large campus that house 2 schools and each school is complaining that they can see the other schools Apple TV devices.
 
I have played around with a few different scenarios to see if I can localize the bonjour traffic. I guess I am looking to create a logical split for bonjour devices among the schools. Apple came to the school and informed us that the I PAD has a limit of 64 devices that can be seen via the bonjour. At some point we will have over 100 Apple TV added.
 
so we have 3 wlc 5508's with 7.4.100. we have 2 SSIDs that span the whole campus using AP groups to segment the floors in buildings. So the schools are logically split with AP groups.
 
Here is what I have tried, I created few mDNS profiles and assigned the services for Apple TV - let's call them school1 and school2. I assign the mDNS profiles to the interfaces dedicated each school. Enable snooping on the W LAN with profile of none. The end result is that devices from both schools can be seen.
 
I tried to create new ssid for apple TVs and a new ssid for 1 schools teachers. I followed the v lan select example [URL]. End result is that devices from both schools can be seen. I have tried the mDNS without multicast enabled just like the video shows to no avail - I assume maybe my AP groups might be more complicated then the example of just 2 v lans. [URL].
 
I have tried combinations of things, but I must be missing something . In the webinar, Cisco said it will use filtering to restrict which  clients can see which services (Apple TV's, etc). What will Cisco use to  filter Bonjour requests? According to this article
[URL].
 
The filtering options are: · Per W LAN/SSID · Per V LAN or AP  Group · Per Interface Group (which is a group of V LANs pooled together). A Bonjour service policy can be created and applied on any one of  the above criteria. In the future, we will support per-user Bonjour  service policies which will come as a RADIUS attribute from the AAA server. Read more: [URL].

View 15 Replies View Related

Cisco WAN :: C2950 / IOS Support For DHCP Snooping

Jan 7, 2012

I am running DHCP snooping for VLAN 1 on below switch
  
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA4a, RELEASE SOFTWARE (fc1)
Model number: WS-C2950-24
 
Looks like below IOS does not support snooping. 
 
Model number: WS-C2950-24
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(14)EA1a, RELEASE SOFTWARE (fc1)

View 3 Replies View Related

Cisco Switching/Routing :: ME 3400 - DHCP Snooping

Sep 27, 2012

I have a problem at a place where 5 ME3400 switches are connected in a straight line. I can't do much about the topology of that place, but the problem is they are all DHCP Snooping, but uni cast replies from the dhcp server further up the hierarchy gets eaten by the first switch! I can't really see why it not only inspects in and whines about it not being for itself - it then drops the message.
 
What have we done wrong (apart from the actual layout of that place, which I can't really change)?
 
Sep 28 13:49:29: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/1)
Sep 28 13:49:29: DHCP_SNOOPING: process new DHCP packet, message type: DHCPOFFER, input interface: Gi0/1, MAC da: 7444.012d.debd, MAC sa: 0013.1a4a.65c7, IP da: XX.YY.186.7, IP sa: XX.YY.186.1, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: XX.YY.186.7, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 7444.012d.debd
Sep 28 13:49:29: DHCP_SNOOPING: binary dump of option 82, length: 20 data:
[Code] ......
 
It really should just send it on, as with any uni cast not on the switch itself - it should go out Gi0/2 really. Why isn't it?
 
[core] -- [sw1] -- [sw2] -- [sw3] -- [sw4] -- [sw5]
 
All the trunks are trusted, DAI is on (I've tried shutting it off, as well), port-security is used but it's actually not dying on the switch having the client computer, but the first one in the chain with dhcp snooping. 

View 6 Replies View Related

Cisco Switching/Routing :: DHCP Snooping On 6506

Mar 2, 2013

I have a problem with high CPU load by DHCP Snooping process on Catalyst 6506 (WS-SUP720-3B, soft: s72033-ipservices_wan-mz.122-18.SXF11.bin). I have it enabled on 15 VLANS, in which there are subscriber devices residing, and sending DHCP requests through Cisco to DHCP server (Cisco acts as DHCP relay, and it's collecting the snooping database, I also use DAI).
 
Snooping database contains 6962 bindings now.
 
CPU load goes high only sometimes, and I don't have a clue, why it's going so high. It can load as high as 45-47% of CPU, like this:

PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
116    81471244 322596368        252 42.95% 43.48% 36.06%   0 DHCP Snooping 

When the load is high, the command: show ip dhcp snooping statistics is showing, that the overall quantity of
Packets Processed by DHCP Snooping is increasing rapidly. In normal situations, it's like 10-20 packets per second, but when the load is high, it's 1000-10000 pps.
 
But when I look at SPAN from my subscriber's VLANS, I don't really see any flood of DHCP requests, or something like that - everything looks as usual. Maybe, some of subscriber's devices are sending incorrect DHCP requests, that are causing packets to loop inside RP, or something like that? How can I detect that thing?
 
Also I thought, that if I enable the ip dhcp snooping trust mode on all of the Catalyst interfaces, the DHCP snooping will not process the subscribers DHCP packets, and I can, by exclusion of interfaces from one to one, detect, from which interface the problem is originating. But this seems to be incorrect, I turned the ip dhcsp snooping trust on all interfaces, and I still get spikes of CPU load by DHCP snooping process. Why it's still examining packets, even on trusted interfaces, is it ok?
 
And one more question - if I disable the ip dhcp snooping globally, will it clear all my existing bindings in snooping database?

View 3 Replies View Related

Cisco Switching/Routing :: 3560 Implement DHCP Snooping

Oct 12, 2011

I have attempted to implement DHCP snooping and have been having some strange issues. I have 5 3560s taht I use for my edge and when I attempt to implement on all five, the VLAN that houses my voice data appears to no longer be able to recieve DHCP lease renewals so after the 24 expiration all of my phones lose their configs. Once I roll back the changes the voice VLAN comes back. The other VLANs seem to function correctly as theya re able to renew their DHCP addresses.
 
The 3560s tie into each other using GIG Ports 1 & 2 and the top and bottom switches tie into our core switch, a 4507. The config that I use is below, failry simple and straightforward.

4 of the 5 switches feed our general office vlans for voice and data however the 5th switch is there for expansion and not in use. As such I have left the config changes in place on it and have tied myself and a colleague into it and have been operating fine for over a week now. So the config that I use seems sound in theory and should work on the other 4 switches with no issue.

View 14 Replies View Related

Cisco Switching/Routing :: 6500 IP DHCP Snooping Over L3 Links

Apr 9, 2012

I am working in a environment that is classed as collapssed Layer 3 environment.  We have a core 6500 with routed links to 3560's which are access switches.
 
We have layer 3 vlans on the access switches, one for data one for voice.On the layer 3 vlans we have ip helper addresses that are used for DHCP.  The DHCP servers are located on the 6500.
 
I recently had a incident where someone plugged a netgear router into a desk point because they thought they could use it for a switch.  This router then started to dish out IP addresses to people in the morning for those who came in and docked their laptops.  99% of people weren't affected because they have desktop PC's are their leases hadn't expired.
 
Now we have bpduguard, bpdufilter to prevent people from plugging in switches that send out BPDU's.  However this doesn't prevent the above senario where someone plugs a router or a 'dumb' switch that doesn't send BPDU's.Because of the above senario I started looking at DHCP Snooping, but I am unsure on a couple of things.
 
With the topology of our network I understand that I don't need to configure IP DHCP Snooping Trust on the L3 uplinks to our core switch.  From what I understand I just need to enable IP DHCP Snooping globaly and then on the VLAN's on the access switch (because of the L3 topology VLAN's are local to the access switches).  Only if I had L2 uplinks to the core would I need to configure IP DHCP Snooping Trust on the trunk links.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved