Why cannot users obtain IP addresses after DHCP snooping is configured

18

After DHCP snooping is enabled, all the interfaces on the device are untrusted interfaces by default. In this case, you need to use dhcp snooping trusted command to set the status of the interfaces connected to the DHCP server to trusted. Otherwise, the DHCP Reply messages sent from the DHCP server are discarded and users connected to the device cannot obtain IP addresses from the DHCP server.

Other related questions:
Reasons why users cannot obtain IP addresses after DHCP Snooping is configured on S series switch
After DHCP snooping is enabled, all interfaces on S series switches are untrusted by default. DHCP Discover packets, however, must be forwarded from a trusted interface on the switch. Therefore, you must configure the interface connected to the DHCP server as a trusted interface to ensure that users connected to the switch can obtain IP addresses.

Why the clients on a DHCP snooping network cannot obtain IP addresses after they move
On a network using DHCP snooping-enabled S series switches, a binding table is generated on the switch after a user obtains an IP address. If the user is switched to another port of the switch without releasing the IP address, the user may fail to obtain this IP address and access the network. If a user attempts to apply for the same IP address with the same MAC address on a different port after the corresponding binding table has been generated, the switch cannot distinguish whether the user has switched to another port or an unauthorized user attempts to access the network. As a result, the switch does not modify the binding table, resulting in the user's failure to obtain the IP address. To solve this problem, you can delete the binding table from the switch.

On an S series switch enabled with DHCP snooping, the reason why the user cannot obtain the IP address after changing the terminal's location
On an S series switch enabled with DHCP snooping, a binding table is generated on the switch after a user obtains an IP address. If the user is switched to another interface of the device without releasing the IP address, the user cannot obtain the IP address or access the network. The corresponding binding table has been generated. The user attempts to apply for the same IP address with the same MAC address on a different interface. In this case, the switch does not know whether the user has switched to another interface or an unauthorized user attempts to access the network; therefore, the switch does not modify the binding table. As a result, the user fails to obtain the IP address and access the network. To solve this problem, you can delete the binding table from the switch.

Wireless users cannot obtain IP addresses and the device displays a message indicating that the connection is restricted or needs to be reestablished
1. The dhcp enable command is not configured in the system view. 2. The dhcp select interface command is not configured in the interface view.

An AP fails to obtain an IP address through DHCP
Perform the following steps to locate the fault: 1. Check whether the AP is configured to obtain an IP address through DHCP. 2. Check whether the Layer 2 link between the AP and DHCP server is working properly. 3. Run the display ip pool name ip-pool-name used command on the DHCP server to check whether the AP has obtained an IP address.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top