Re: DHCP Snooping Issue from Piotr Matusiak on 2011-06-12 (Ccielab archives 06/2011)

From: Piotr Matusiak <pitt2k_at_gmail.com>
Date: Sun, 12 Jun 2011 17:48:55 +0200

Hi,

This message is generated by DAI feature not DHCP Snooping. It is caused by
device connected to port g2/18. Check this out. It seems there is someone
connected to that port with static IP address of 10.1.1.1 with MAC of
0022.5ac1.202a so that DHCP Snooping has note registerd it in its database.
If this host is valid in your network and must have static IP configured,
then add static binding to the DHCP Snooping database (ip dhcp snooping
binding...)

Regards,

--
Piotr Matusiak
CCIE #19860 (R&S, Security), CCSI #33705
Technical Instructor
website: www.MicronicsTraining.com <http://www.micronicstraining.com/>
blog: www.ccie1.com
If you can't explain it simply, you don't understand it well enough -
Albert Einstein
2011/6/12 <roykhan123_at_hotmail.com>
> Dear All,
>
> I am facing problem in my network is that i am getting DHCP snooping Deny
> log
> messages continue in my switches. I knows that how dhcp snooping is working
> but
> i do not knows why this is appearing in the switch, when there is no dhcp
> server connected that ports and every thing is working fine.
>
> %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Req) on Gi2/18, vlan
> 20.([0022.5ac1.202a/10.1.1.1/0000.0000.0000/10.0.176.16/17:38:05 AST Sun
> Jun 12
> 2011])
>
> 1. Is this because of Virus. that cause the machine to generate this error.
> I
> saw this problem before there was a virus.
> 2. I dont  knows about the servers may be some services is running inside
> the
> server that cause the server to generate this request Or some thing else
>
> Note some there is no virus on the machine and still this error is occur on
> the
> machine... I really do not Why this happening and how i fix this issue.
>
> Currently I am getting this message and there is no issue with the Machine
> it
> self
>
> Port configuration
>
> interface GigabitEthernet2/9
>
>  switchport
>  switchport access vlan 19
>  switchport mode access
>  switchport voice vlan 16
>  ip arp inspection limit rate 128
>  no ip address
>  spanning-tree portfast
>  spanning-tree bpduguard enable
> end
> !
> ip dhcp snooping
> ip dhcp snooping vlan 19,16
> !
>
> kindly advise
>
> Take care
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net

Received on Sun Jun 12 2011 - 17:48:55 ART

This archive was generated by hypermail 2.2.0 : Fri Jul 01 2011 - 06:24:28 ART