Requirement:
ArubaOS Switch
Solution:In the following example, switch Rack2sw1 is configured as a DHCP-Client, switch Rack2sw3 is configured as a DHCP-Server, and switch Rack2sw2 is configured for DHCP-Relay and DHCP-Snooping.
Vlan 12 is enabled for DHCP-Snooping, trunk Trk23 is a trusted DHCP interface, and Rack2sw3 (192.168.23.3) is an authorized DHCP server.
Configuration:Rack2sw2(config)# vlan 12 dhcp-snooping
Rack2sw2(config)# dhcp-snooping
Rack2sw2(config)# dhcp-snooping authorized-server 192.168.23.3
Rack2sw2(config)# interface trk23 dhcp-snooping trust
Rack2sw2(config)# vlan 12 ip helper-address 192.168.23.3
VerificationRack2sw2# show dhcp-snooping
DHCP Snooping Information
DHCP Snooping : Yes
Enabled VLANs : 12
Verify MAC address : Yes
Option 82 untrusted policy : drop
Option 82 insertion : Yes
Option 82 remote-id : mac
Store lease database : Not configured
Authorized Servers
------------------
192.168.23.3
Max Current Bindings
Port Trust Bindings Static Dynamic
----- ----- -------- ---------------------
Trk21 No - - 1
Trk23 Yes - - -
Rack2sw2# show dhcp-snooping binding
MacAddress IP VLAN Interface Time Left
------------- --------------- ---- --------- ---------
2c59e5-5f6f00 192.168.12.100 12 Trk21 5373
Rack2sw2# show dhcp-snooping stats
Packet type Action Reason Count
----------- ------- ---------------------------- ---------
server forward from trusted port 4
client forward to trusted port 2
server drop received on untrusted port 0
server drop unauthorized server 0
client drop destination on untrusted port 0
client drop untrusted option 82 field 0
client drop bad DHCP release request 0
client drop failed verify MAC check 0
client drop failed on max-binding limit 0