4 Easy Steps to DHCP Option 82 in Cisco Catalyst Switches

Posted on in Networking

cover image for article

If you're interested in DHCP Option 82 in your Cisco Catalyst-based network, you'll be happy to know that the configuration can be summed up in 4 easy steps.

  1. Enable IP DHCP Snooping. This is an easy global configuration command: ip dhcp snooping. Although we're only turning this on to get our Catalyst switch to start inserting Option 82 information in the DHCP requests, DHCP Snooping is great for monitoring which IP addresses have been assigned to devices attached to the switch.
  2. Enable IP DHCP Snooping on your VLANs. More than likely, you want this information for all VLANs in your network. If so, the command you need is ip dhcp snooping vlan 1 4094. If you only want to enable this on VLAN 7 (for example), ip dhcp snooping vlan 7 will do the trick.
  3. Configure "trusted" DHCP ports. In relation to DHCP Snooping, "trusted" ports are ports that DHCP assignments come in on or that will have DHCP requests with Option 82 information already inserted. In the case of Cisco Catalyst switches, ports that represent inter-switch links or connect directly to the DHCP server should be set to "trusted". This is done with the interface level configuration command ip dhcp snooping trust. NOTE: If there are no trusted ports on your network, DHCP will stop functioning.
  4. Profit!

Putting it all together

Here's a sample configuration for those that like to see it being done.

SLAP#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SLAP(config)#ip dhcp snooping
SLAP(config)#ip dhcp snooping vlan 1 4094
SLAP(config)#interface GigabitEthernet 0/1
SLAP(config-if)#description Inter-switch Link
SLAP(config-if)#ip dhcp snooping trust
SLAP(config-if)#interface GigabitEthernet 0/2
SLAP(config-if)#description DCHP Server
SLAP(config-if)#ip dhcp snooping trust
SLAP(config-if)#^Z
SLAP#

Related Reading

Slaptijack's Koding Kraken