Reasons why some binding entries cannot be displayed after restart of the S series switch that have the function of automatically saving the binding entries configured

30

For S series switches in V100R006 and later versions, if a board cannot be detected, the display dhcp snooping user-bind command displays the DHCP snooping binding entries only after the board is inserted. To cope with this issue, check that the board is inserted and is in Up state. If the fault persists, contact Huawei technical support engineers.

Other related questions:
Check binding tables for IPSG on S series switches
You can check binding tables for IPSG on S series switches (except S1700 switches) as follows: 1. Run the display dhcp static user-bind all command to check static binding entries. 2. Run the display dhcp snooping user-bind all command to check dynamic DHCP snooping binding entries.

Configure binding tables for IPSG (user-bind binding tables) on S series switches
Configure a binding table for IPSG (user-bind binding table) on an S series switch (except the S1700) as follows: �?Static binding table A static binding entry contains at least one of the following: IP address, MAC address, interface, VLAN, and IP address and MAC address. An interface cannot be bound to a VLAN to form a binding entry. For example, configure a static binding entry of VLAN 2 and IP address 1.1.1.1. [HUAWEI] user-bind static ip-address 1.1.1.1 vlan 2 Note: Static binding entries can be configured only in the system view. �?Dynamic binding table Enable DHCP snooping globally and on an interface. Generally, the interface directly or indirectly connected to the DHCP server or gateway is configured as a trusted interface. After DHCP snooping is enabled and the trusted interface is configured, user-side interfaces automatically generate dynamic binding entries based on received DHCP ACK packets. For example, enable DHCP snooping globally and on GE0/0/1, and configure G0/0/1 as a trusted interface. [HUAWEI] dhcp enable [HUAWEI] dhcp snooping enable [HUAWEI] interface gigabitethernet 0/0/1 [HUAWEI-GigabitEthernet0/0/1] dhcp snooping enable [HUAWEI-GigabitEthernet0/0/1] dhcp snooping trusted Note: If both DHCP relay and VRRP are configured on a switch, DHCP snooping cannot be enabled. DHCP snooping cannot be enabled if the DHCP server is at the subordinate VLAN side and the DHCP client is at the principle VLAN side. After DHCP snooping is configured, the switch generates DHCP snooping entries for the hosts when the hosts go online again. Then IPSG takes effect. If you enable IPSG before the switch generates DHCP snooping dynamic binding entries, the switch rejects all packets except DHCP Request packets. In this situation, the hosts with dynamic IP addresses cannot communicate with each other. Therefore, before enabling the IPSG function, configure the DHCP snooping function to enable the switch to generate dynamic binding entries.

Reasons why IP packets matching binding entries are discarded a while after S series switch generates the dynamic binding table
After the dynamic binding table on the S series switches is generated for a while, If the IP packets that match the entries in the binding table are discarded, you need to check that the binding table still exists. The dynamic binding table has the aging time. If the IP address lease is not renewed after the aging time expires, the binding table ages out. As a result, the IP packets that match entries in the expired binding table are discarded.

Delete entries in binding tables for IPSG (user-bind binding tables) on S series switches
Delete entries in a binding table for IPSG (user-bind binding table) on an S series switch (except the S1700) as follows: Binding entries include static entries and dynamic entries. Dynamic entries are automatically generated when DHCP snooping is enabled. To delete dynamic entries, disable DHCP snooping. Static entries are configured manually. To delete static entries, perform the following operations: 1. Run the display dhcp static user-bind all command to view all static binding entries on the switch. [HUAWEI] display dhcp static user-bind all 2. Delete binding entries as required. a. Delete the static binding entry of IP address 192.168.1.1. [HUAWEI] undo user-bind static ip-address 192.168.1.1 mac-address 0001-0001-0001 b. Delete the static binding entry of MAC address 0002-0002-0002. [HUAWEI]undo user-bind static mac-address 0002-0002-0002 c. Delete all static binding entries of GE0/0/1. [HUAWEI] undo user-bind static interface gigabitethernet 0/0/1 d. Delete all static binding entries in VLAN 10. [HUAWEI] undo user-bind static vlan 10 e. Delete all entries in the static binding table. [HUAWEI]undo user-bind static

Reason why S series switch cannot learn ARP entries
When an S series switch, except S1700, works at Layer 2, the switch does not have ARP entries and cannot learn ARP entries. When an S series switch, except S1700, works at Layer 3 and cannot learn ARP entries, rectify the fault as follows: (1) Possible cause: The link between the switch and connected device fails. Solution: Perform ping operations to check whether the link fails. If so, rectify the link failure. (2) Possible cause: ARP strict learning is enabled on the switch. (After this function is enabled, the switch learns only the ARP reply packets in response to the ARP request packets sent by itself.) Solution: Run the undo arp learning strict command in the system or interface view to disable ARP strict learning. (3) Possible cause: The switch has too many ARP entries and may suffer an ARP attack. Solution: Configure static ARP entries for key servers or users and enable attack defense policies. Note: (1) By default, ARP strict learning is enabled on some models among fixed switches and disabled on modular switches. When a fixed switch connected to a modular switch receives a gratuitous ARP packet, the fixed switch does not learn ARP entries. Therefore, some fixed switches cannot learn ARP entries. (2) After ARP strict learning is enabled on a switch, the switch actively sends ARP request packets to hosts. Some PCs with wireless network adapters installed do not respond to ARP requests, so the switch cannot learn the ARP entries of the connected PCs. The PCs respond only after the network adapters are restarted. In this situation, disable ARP strict learning.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top