For the life of me, I am unable to get dhcp snooping to work on a juniper MX 480. We are using flexible-vlan-tagging and bridge-domains. I have tried setting one port to trusted, and another to untrusted, both to untrusted... and I already know that "trunk" ports are trusted by default and "access" ports are untrusted by default. However, this seems to not matter on this setup. no matter which settings i enable (arp-inspection, option 82...) the command "show dhcp-security binding" is blank and dhcp continues to work. I need it to NOT work... per dhcp-snooping policy...
I will point out we are using an external dhcp server, not the server integrated into the juniper MX.
Is this a limitation of an MX? Has anyone attempted to use dhcp-security features on an MX?
↧
dhcp snooping in MX
↧