Switch is dropping arps – Allied Telesis x900-48 series User Manual

Page 26 | AlliedWare™ OS How To Note: DHCP snooping on AT-9900-style switches

Troubleshooting > Switch is dropping ARPs

Switch is dropping ARPs

If you have DHCP snooping in ARP security mode, then unknown clients on untrusted ports
will not be able to ARP.

Known clients on untrusted ports will be able to ARP.

A client is known on an untrusted port if it has an IP/MAC entry in the DHCP snooping
database (show dhcpsnooping database). Your DHCP server must be on a trusted port.

You cannot work around dropped ARPs (from the DHCP server) by statically binding the
DHCP server’s IP and MAC address to a port, instead of setting it as trusted. The switch will
not send the DHCP server the DHCP request. The switch will not flood the DHCP request
to any ports other than trusted ones. So although the switch will let the DHCP server send
ARP requests, the DHCP server will not receive any DHCP requests.

DHCPSN_ARP: [0193a9ec] ARP Received on untrusted port 24 VLAN 1

DHCPSN_ARP: [0193a9ec] ARP Discarded, sender not found in DHCP Snoop DB

DHCPSN_ARP: [01a6f5ec] ARP Received on untrusted port 1 VLAN 1

DHCPSN_ARP: [01a6f5ec] ARP to be forwarded, sender validated

DHCPSN_ARP: [01a6f5ec] Forwarding ARP at L2 for VLAN 1

DHCPSN_ARP: [01a6f5ec] Forward ports (except 1)

DHCPSN_ARP: [01a6f5ec] Tagged:None

DHCPSN_ARP: [01a6f5ec] Untagged:24

Manager > set dhcpsnooping port=24 trusted=yes

Info (1137260): DHCP Snooping port(s) 24 updated successfully.

Manager >

DHCPSN_ARP: [023a218c] ARP Received on trusted port 24 VLAN 1

DHCPSN_ARP: [023a218c] Forwarding ARP at L2 for VLAN 1

DHCPSN_ARP: [023a218c] Forward ports (except 24)

DHCPSN_ARP: [023a218c] Tagged:None

DHCPSN_ARP: [023a218c] Untagged:1