Symptom
The DHCP table is not getting populated when a new host is plugged into the port if the command "ip verify source mac-check" is enabled , the DHCP request from that host are being blocked and therefore the host does never receive an ip address.
Conditions
3850
ip verify source mac-check is configured on the ports connecting to hosts
Workaround
use the source-guard feature without the mac-check keyword
Further Problem Description
As per configuration guide, "ip verify source mac-check" is supposed to create a new DHCP snooping binding entry for every new host connected to the ports on 3850, but is not.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_0110110.pdf
Symptom:
Clients fails to get DHCP when ipsg and portsecurity and enabled on the port.
Conditions;
When port security gives calls ipsg to lookinto the new mac arrived.
Workaround:
Added check to verify if maccheck is supported on the platform, which makes sure
that in case of NG3k it doesn't verify mac binding.
Now this will not cause any issue for 3k and 4k since 3k and 4k do not support
maccheck, hence will work as it is today
