# DHCP: Option 82 (relay agent information) missing from DHCPDISCOVER, server ignoring request - **ID:** `networking/dhcp-option-82-missing` - **Domain:** networking - **Category:** protocol_error - **Verification:** ai_generated - **Fix Rate:** 90% ## Root Cause A DHCP relay agent or switch configured to require Option 82 (RFC 3046) for DHCP snooping is not inserting the option into client DHCPDISCOVER packets, causing the DHCP server to silently drop the request. ## Version Compatibility | Version | Status | Introduced | Deprecated | |---------|--------|------------|------------| | Cisco IOS 15.2(7)E | active | — | — | | ISC DHCP Server 4.4.2-P1 | active | — | — | | dnsmasq 2.86 | active | — | — | ## Workarounds 1. **Enable DHCP snooping trust on the switch port facing the DHCP server and configure Option 82 insertion: ip dhcp snooping trust; interface GigabitEthernet0/1; ip dhcp snooping information option allow-untrusted** (92% success) ``` Enable DHCP snooping trust on the switch port facing the DHCP server and configure Option 82 insertion: ip dhcp snooping trust; interface GigabitEthernet0/1; ip dhcp snooping information option allow-untrusted ``` 2. **On the DHCP server, disable Option 82 validation: in /etc/dhcp/dhcpd.conf, add 'allow unknown-clients;' and 'ignore option-82;' then restart the service.** (85% success) ``` On the DHCP server, disable Option 82 validation: in /etc/dhcp/dhcpd.conf, add 'allow unknown-clients;' and 'ignore option-82;' then restart the service. ``` 3. **Upgrade the switch firmware to a version that correctly supports RFC 3046 Option 82 insertion.** (78% success) ``` Upgrade the switch firmware to a version that correctly supports RFC 3046 Option 82 insertion. ``` ## Dead Ends - **** — The client is sending valid DHCPDISCOVER packets; the issue is on the relay/switch side not inserting Option 82. (95% fail) - **** — This avoids the error but defeats the purpose of DHCP and is not scalable for large deployments. (70% fail) - **** — Disabling DHCP snooping reduces network security by allowing rogue DHCP servers; it should only be done as a last resort. (60% fail)