The DHCP snooping feature in Juniper Networks’ EX Series switches works by building a binding
database that maps the IP address, MAC address, lease time, binding type, VLAN number, and
interface information1. This database is used to filter and validate DHCP messages from untrusted
sources1.
However, there are certain conditions that could prevent entries from being automatically created in
the snooping database for an interface:
MAC limiting: If MAC limiting is enabled on the interface, it could potentially interfere with the
operation of DHCP snooping. MAC limiting restricts the number of MAC addresses that can be
learned on a physical interface to prevent MAC flooding attacks1. This could inadvertently limit the
number of DHCP clients that can be learned on an interface, thus preventing new entries from being
added to the DHCP snooping database.
Static IP address: If the device connected to the interface is configured with a static IP address, it will
not go through the DHCP process and therefore will not have an entry in the DHCP snooping
database1. The DHCP snooping feature relies on monitoring DHCP messages to build its database1,
so devices with static IP addresses that do not send DHCP messages will not have their information
added.
Therefore, options B and C are correct. Options A and D are not correct because performing a
DHCPRELEASE would simply remove an existing entry from the database1, and Dynamic ARP
inspection (DAI) uses the information stored in the DHCP snooping binding database but does not
prevent entries from being created1.
