Ruijie Community

Title: DHCP Relay does not work with DHCP Snooping? [Print this page]

Author: aliturkdogan@bi Time: 2023-1-3 22:14
Title: DHCP Relay does not work with DHCP Snooping?
Hi,
On Ruijie RG-S6250-48XS8CQ series swithces, dhcp relay function does not work with dhcp snooping being on although dhcp server port is a dhcp snooping trusted interface.
The configuration is below, are there any extra necessary configuration with dhcp snooping with dhcp relay?

!
lldp network-policy profile 1
voice vlan 100
voice-signaling vlan 100
no spanning-tree
!
class-map d..
!
ip dhcp snooping
sntp interval 300
sntp server 10.5.71.70
sntp enable
!
username admin password 7 13241e44202f15797c57154f
!
no auto-provision
ip helper-address 10.5.71.70
!
install switch 1 RG-S6250-48XS8CQ
install switch 2 RG-S6250-48XS8CQ
install 1/0 RG-S6250-48XS8CQ
install 2/0 RG-S6250-48XS8CQ
!
sysmac 1082.3d95.352b
ip name-server 10.5.71.70
!
nfpp
!
mtu forwarding 9216
!
service password-encryption
!
redundancy
!
logging file flash:syslog
logging flash interval 1
logging trap debugging
logging server 10.5.71.50 udp-port 1514
clock timezone GMT +3 0
!
enable password 7 02624f39350839517f474269
enable service ssh-server
no enable service telnet-server
vlan 1
name DEFAULT
!
vlan 10
name M*****
!
vlan 20
name ******
!
vlan 30
name ************
!
vlan 40
name ******************
!
vlan 50
name ******************
!
vlan 60
name ******************
!
vlan 80
name *****************
!
vlan 90
name ***************
!
vlan 95
name *****************
!
vlan 100
name **********
!
vlan 199
name ****************
!
vlan 200
name ***************
!
vlan 300
name *******************
!
vlan 400
name ******************
!
interface TenGigabitEthernet 1/0/1
port-group 1
!
interface TenGigabitEthernet 1/0/2
port-group 2
!
interface TenGigabitEthernet 1/0/3
port-group 3
!
interface TenGigabitEthernet 1/0/4
port-group 4
!
interface TenGigabitEthernet 1/0/5
port-group 5
!
interface TenGigabitEthernet 1/0/6
port-group 6
!
interface TenGigabitEthernet 1/0/7
!
interface TenGigabitEthernet 1/0/8
!
interface TenGigabitEthernet 1/0/9
!
interface TenGigabitEthernet 1/0/10
switchport access vlan 100
!
interface TenGigabitEthernet 1/0/11
!
interface TenGigabitEthernet 1/0/12
!
interface TenGigabitEthernet 1/0/13
!
interface TenGigabitEthernet 1/0/14
!
interface TenGigabitEthernet 1/0/15
!
interface TenGigabitEthernet 1/0/16
!
interface TenGigabitEthernet 1/0/17
speed 1000
switchport mode trunk
!
interface TenGigabitEthernet 1/0/18
!
interface TenGigabitEthernet 1/0/19
!
interface TenGigabitEthernet 1/0/20
!
interface TenGigabitEthernet 1/0/21
!
interface TenGigabitEthernet 1/0/22
!
interface TenGigabitEthernet 1/0/23
!
interface TenGigabitEthernet 1/0/24
!
interface TenGigabitEthernet 1/0/25
description IBM-BHALNDB1-01
!
interface TenGigabitEthernet 1/0/26
description IBM-BHALNDB1-02
!
interface TenGigabitEthernet 1/0/27
description IBM-BHALNDB2-01
!
interface TenGigabitEthernet 1/0/28
description IBM-BHALNDB2-02
!
interface TenGigabitEthernet 1/0/29
!
interface TenGigabitEthernet 1/0/30
!
interface TenGigabitEthernet 1/0/31
!
interface TenGigabitEthernet 1/0/32
!
interface TenGigabitEthernet 1/0/33
!
interface TenGigabitEthernet 1/0/34
!
interface TenGigabitEthernet 1/0/35
port-group 35
!
interface TenGigabitEthernet 1/0/36
!
interface TenGigabitEthernet 1/0/37
port-group 37
!
interface TenGigabitEthernet 1/0/38
port-group 38
!
interface TenGigabitEthernet 1/0/39
port-group 39
!
interface TenGigabitEthernet 1/0/40
port-group 40
!
interface TenGigabitEthernet 1/0/41
port-group 41
!
interface TenGigabitEthernet 1/0/42
port-group 42
!
interface TenGigabitEthernet 1/0/43
port-group 43
!
interface TenGigabitEthernet 1/0/44
port-group 44
!
interface TenGigabitEthernet 1/0/45
port-group 45
!
interface TenGigabitEthernet 1/0/46
port-group 46
!
interface TenGigabitEthernet 1/0/47
port-group 47
!
interface TenGigabitEthernet 1/0/48
description ALN-BACKBONE
switchport mode trunk
switchport trunk native vlan 199
switchport trunk allowed vlan only 1,10,30,40,50,60,90,100,199-200,300,400
spanning-tree guard none
ip arp inspection trust
ip dhcp snooping trust
!
interface TenGigabitEthernet 2/0/1
port-group 1
!
interface TenGigabitEthernet 2/0/2
port-group 2
!
interface TenGigabitEthernet 2/0/3
shutdown
port-group 3
!
interface TenGigabitEthernet 2/0/4
port-group 4
!
interface TenGigabitEthernet 2/0/5
port-group 5
!
interface TenGigabitEthernet 2/0/6
port-group 6
!
interface TenGigabitEthernet 2/0/7
!
interface TenGigabitEthernet 2/0/8
!
interface TenGigabitEthernet 2/0/9
!
interface TenGigabitEthernet 2/0/10
!
interface TenGigabitEthernet 2/0/11
!
interface TenGigabitEthernet 2/0/12
!
interface TenGigabitEthernet 2/0/13
!
interface TenGigabitEthernet 2/0/14
!
interface TenGigabitEthernet 2/0/15
!
interface TenGigabitEthernet 2/0/16
!
interface TenGigabitEthernet 2/0/17
!
interface TenGigabitEthernet 2/0/18
!
interface TenGigabitEthernet 2/0/19
!
interface TenGigabitEthernet 2/0/20
!
interface TenGigabitEthernet 2/0/21
!
interface TenGigabitEthernet 2/0/22
!
interface TenGigabitEthernet 2/0/23
!
interface TenGigabitEthernet 2/0/24
!
interface TenGigabitEthernet 2/0/25
description IBM-BHALNDB1-03
!
interface TenGigabitEthernet 2/0/26
description IBM-BHALNDB1-04
!
interface TenGigabitEthernet 2/0/27
description IBM-BHALNDB2-03
!
interface TenGigabitEthernet 2/0/28
description IBM-BHALNDB2-04
!
interface TenGigabitEthernet 2/0/29
!
interface TenGigabitEthernet 2/0/30
!
interface TenGigabitEthernet 2/0/31
!
interface TenGigabitEthernet 2/0/32
!
interface TenGigabitEthernet 2/0/33
!
interface TenGigabitEthernet 2/0/34
!
interface TenGigabitEthernet 2/0/35
port-group 35
!
interface TenGigabitEthernet 2/0/36
!
interface TenGigabitEthernet 2/0/37
port-group 37
!
interface TenGigabitEthernet 2/0/38
port-group 38
!
interface TenGigabitEthernet 2/0/39
port-group 39
!
interface TenGigabitEthernet 2/0/40
port-group 40
!
interface TenGigabitEthernet 2/0/41
port-group 41
!
interface TenGigabitEthernet 2/0/42
port-group 42
!
interface TenGigabitEthernet 2/0/43
port-group 43
!
interface TenGigabitEthernet 2/0/44
port-group 44
!
interface TenGigabitEthernet 2/0/45
port-group 45
!
interface TenGigabitEthernet 2/0/46
port-group 46
!
interface TenGigabitEthernet 2/0/47
port-group 47
!
interface TenGigabitEthernet 2/0/48
description ALN-BACKBONE
switchport mode trunk
switchport trunk native vlan 199
switchport trunk allowed vlan only 1,10,30,40,50,60,90,100,199-200,300,400
spanning-tree guard none
ip arp inspection trust
ip dhcp snooping trust
!
interface HundredGigabitEthernet 1/0/49
!
interface HundredGigabitEthernet 1/0/50
!
interface HundredGigabitEthernet 1/0/51
!
interface HundredGigabitEthernet 1/0/52
!
interface HundredGigabitEthernet 1/0/53
!
interface HundredGigabitEthernet 1/0/54
!
interface HundredGigabitEthernet 1/0/55
!
interface HundredGigabitEthernet 1/0/56
description vsu-port
!
interface HundredGigabitEthernet 2/0/49
!
interface HundredGigabitEthernet 2/0/50
!
interface HundredGigabitEthernet 2/0/51
!
interface HundredGigabitEthernet 2/0/52
!
interface HundredGigabitEthernet 2/0/53
!
interface HundredGigabitEthernet 2/0/54
!
interface HundredGigabitEthernet 2/0/55
!
interface HundredGigabitEthernet 2/0/56
description vsu-port
!
interface AggregatePort 1
description SISTEM-SW-1
switchport mode trunk
switchport trunk allowed vlan only 1,10,100
!
interface AggregatePort 2
description SISTEM-SW-2
switchport mode trunk
switchport trunk allowed vlan only 1,10,100
!
interface AggregatePort 3
description ABLOK-KAT9-SW
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 4
description ANJIO-SW
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 5
description AILE-HEK-SW-OLD
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 6
switchport mode trunk
switchport trunk allowed vlan only 1,10,100
!
interface AggregatePort 35
description FIREWALL
switchport mode trunk
switchport trunk allowed vlan only 1,10,95,100
!
interface AggregatePort 37
switchport mode trunk
switchport trunk allowed vlan only 1,10,100
!
interface AggregatePort 38
description *************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 39
description *************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 40
description *******
switchport mode trunk
switchport trunk allowed vlan only 1,10,200
!
interface AggregatePort 41
description *****************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 42
description ********************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 43
description ******************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 44
description ****************
switchport mode trunk
switchport trunk allowed vlan only 10,30,50,60,90,95,100,200
!
interface AggregatePort 45
description ****************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 46
description ********************
switchport mode trunk
switchport trunk allowed vlan only 1,10,50,90,95,100
!
interface AggregatePort 47
description SISTEM-BACKBONE-KENAR
switchport mode trunk
ip dhcp snooping trust
!
interface VLAN 1
mtu 9216
ip address 10.5.171.101 255.255.0.0
!
interface VLAN 10
ip address 10.15.71.101 255.255.255.0
!
interface VLAN 30
!
interface VLAN 40
!
interface VLAN 50
ip address 10.15.5.1 255.255.255.0
ip helper-address 10.5.71.70
!
interface VLAN 60
!
interface VLAN 95
ip helper-address 172.20.0.1
!
interface VLAN 100
description Voice_VLAN
ip address 10.20.71.101 255.255.0.0
!
interface VLAN 300
description PTP WiFi
ip address 192.168.169.2 255.255.255.0
!
interface Mgmt 1/0
!
interface Mgmt 2/0
!
switch virtual domain 100
!
ip route 0.0.0.0 0.0.0.0 10.5.0.2
ip route 10.20.0.0 255.255.0.0 VLAN 100 10.20.0.5
ip route 172.20.0.0 255.255.224.0 172.20.0.1
!
line console 0
line vty 0 15
transport input ssh
login local
!
end

Author: GTAC-Micca Time: 2023-1-4 10:46
I want to know what is the phenomenon of DHCP relay doesn't work, the user of VLAN 50 and VLAN 95
can not get the address, right?

May I know what your topology? And how are your network segments arranged?

Author: aliturkdogan@bi Time: 2023-1-6 21:58

Micca replied at 2023-1-4 10:46
I want to know what is the phenomenon of DHCP relay doesn't work, the user of VLAN 50 and VLAN 95
c ...

Yes. Topology is in attachment.

Author: GTAC-Micca Time: 2023-1-9 09:35

Ali Şiyar Türkdoğan replied at 2023-1-6 21:58
Yes. Topology is in attachment.

Thanks for sharing.
May I know the phenomenon of DHCP relay doesn't work? Which vlan cannot obtain the address?

BTW, you can try to add this command after you configure dhcp snooping trust port:
Ruijie(config)#ip dhcp snooping check-giaddr
Ruijie(config)#end

Welcome to Ruijie Community (https://community.ruijienetworks.com/)