DHCP Snooping Issue on Cisco N3K SW

Hi everyone,

I hope all you are fine. I’m very new to this mailing list and looking for a solution if anyone could help me.

I am a network operation engineer and working for an ISP in Bangladesh. We are serving internet, data connectivity, IPTSP, IPTV and other services to corporate and retail clients. Retail clients are basically home users and small offices.

To connect their CPE devices to our access network we are using DHCP. For example, we are using IP in our BRAS interface and rest of all IPs are in DHCP pool to be allocated to the end users. By this time we had some bad experience with rouge DHCP server while clients connect the WAN link to the LAN port of CPE devices.

To overcome that we recently deployed DHCP-snooping on our distribution switches which is in between the DHCP server and clients. But we are facing new problem after deploying that. Sometime our switch got stuck and clients don’t get any IP via DHCP and all the allocations on valid DHCP server are stuck in “OFFERED” state. If we disable and then again enable the DHCP snooping feature in switch then problem is resolved for temporary. But few hours later the same problem happens repeatedly.

For your information we are using Cisco Nexus 3000 switch and around 3k to 4k clients are there under that switch. We have a different location/POP where not more than 500 users are there and we don’t have this kind of problem at all.

So we assume that our Nexus 3000 switch is not performing well to handle DHCP snooping for large number of customers!!!

For better understanding please check the network topology diagram (attached)

SW Details:

cisco Nexus3000 C3064PQ Chassis

BIOS: version 3.8.0
NXOS: version 7.0(3)I4(3)
NXOS image file is: bootflash:///nxos.7.0.3.I4.3.bin

Just seeking expert opinion on above mention issue.

Thanks & Regards,