This morning I was playing with a new switch that arrived at work which was the 2960plus. It was so new it says on the sticker with was just assembled 2 months before the date it was received.
I have always wondered if there’s a huge difference between the 2960s and my 2950s at home. Mind you my switches are running on IOS ver 12.1(22) while the 2960s were running the latest IOS ver 15 on them.
For some uncanny reason you can activate layer 3 switch commands on that newer switch but routing doesn’t actually work. You can see private-vlans on some of the show interface commands but that is just it, its just for display and no function at all.
I tried to create a lab on ip dhcp snooping on it but to my surprise, it wasn’t working. Configs are as follows:
configure terminal
ip dhcp snooping
ip dhcp snooping vlan 10
interface range fa0/1 – 8
switchport access vlan 10
switchport mode access
spanning-tree portfast
interface fa0/1
ip dhcp snooping trust
To confirm, i did a show ip dhcp snooping command
To test, i plugged in a rogue dhcp isr on one of the untrusted ports and its now receiving ip addresses from that port…Connor (the other tutor) was checking the web what we missed but so far we’ve done everything correctly. Double checked the configs they were all fine.
Went home, did the same thing on my 2950 and lo and behold, its working properly. But…..according to cisco documentation it is supposed to place the rogue dhcp’s port in err disable mode but so far all its doing is just dropping packets and port is still up. Super mystery of the week.
Note: on a lighter note, I will be taking my CCNP switch exam tomorrow morning, lets see how that goes…
Running-Config 