Switch Ports Model SW Version SW Image ------ ----- ----- ---------- ---------- * 1 50 WS-C2960+48TC-L 15.0(2)SE5 C2960-LANBASEK9-M Configuration register is 0xF配置 DHCP snooping后,show ip dhcp snooping 显示都正常
XYJ-C2960_11#show ip dhcp snooping Switch DHCP snooping is enabled DHCP snooping is configured on following VLANs: 1-100 DHCP snooping is operational on following VLANs: 1-2,4-18,20-25,100 DHCP snooping is configured on the following L3 Interfaces: Insertion of option 82 is enabled circuit-id default format: vlan-mod-port remote-id: 84b5.17ea.5c80 (MAC) Option 82 on untrusted port is not allowed Verification of hwaddr field is enabled Verification of giaddr field is enabled DHCP snooping trust/rate is configured on the following Interfaces: Interface Trusted Allow option Rate limit (pps) ----------------------- ------- ------------ ---------------- GigabitEthernet0/1 yes yes unlimited Custom circuit-ids: GigabitEthernet0/2 yes yes unlimited Custom circuit-ids: Port-channel1 yes yes unlimited Custom circuit-ids:
但是untrust口依然放行 DHCP offer包,
并且在 show ip dhcp snooping binding 没有显示任何有效条目
XYJ-C2960_11#show ip dhcp snooping binding MacAddress IpAddress Lease(sec) Type VLAN Interface ------------------ --------------- ---------- ------------- ---- -------------------- Total number of bindings: 0 XYJ-C2960_11# XYJ-C2960_11#
最后去google一下,才知道这是该版本的一个BUG
url1 url2
只能通过升级上去解决问题。
没有评论:
发表评论