Courseiva
200-301
Full test
mediummultiple choiceObjective-mapped

A PC in VLAN 30 must obtain an address from a DHCP server in VLAN 99. Which feature is required on the Layer 3 interface for VLAN 30?

Question 1mediummultiple choice
Full question →

A PC in VLAN 30 must obtain an address from a DHCP server in VLAN 99. Which feature is required on the Layer 3 interface for VLAN 30?

Full question →

Answer choices

Why each option matters

Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.

A

Distractor review

Port security

Port security limits MAC behavior on a switchport; it does not forward DHCP broadcasts across VLANs.

B

Distractor review

DHCP snooping

DHCP snooping validates DHCP exchanges but does not replace relay across subnets.

C

Best answer

DHCP relay

Correct. DHCP relay is what allows a client to reach a server on another subnet.

D

Distractor review

Dynamic ARP inspection

DAI inspects ARP traffic, not DHCP forwarding between networks.

Common exam trap

Common exam trap: answer the scenario, not the keyword

A frequent exam trap is selecting DHCP snooping or port security as the solution for inter-VLAN DHCP communication. DHCP snooping is often misunderstood as a relay mechanism, but it only validates DHCP messages to prevent unauthorized servers and does not forward broadcasts between VLANs. Similarly, port security controls MAC address access on switchports but does not affect DHCP message forwarding. Candidates may also confuse Dynamic ARP Inspection with DHCP relay, but DAI only inspects ARP traffic for security purposes. The key mistake is overlooking that DHCP broadcasts are Layer 2 broadcasts and require DHCP relay on the Layer 3 interface to reach servers in other VLANs.

Technical deep dive

How to think about this question

DHCP relay is a critical feature in multi-VLAN networks where DHCP clients and servers reside in different IP subnets. DHCP clients initially send DHCP Discover messages as broadcasts, which are limited to their local VLAN and do not cross Layer 3 boundaries. To enable clients in VLAN 30 to obtain IP addresses from a DHCP server in VLAN 99, the Layer 3 interface serving VLAN 30 must be configured to forward these broadcasts as unicast messages to the DHCP server. This forwarding is accomplished using the DHCP relay agent functionality, typically configured with the ip helper-address command on Cisco devices. The DHCP relay agent listens for DHCP broadcast requests on the local VLAN interface and then forwards those requests as unicast packets to the specified DHCP server IP address in another VLAN or subnet. This mechanism allows centralized DHCP servers to serve multiple VLANs without requiring a DHCP server in each VLAN. The relay agent also forwards DHCP replies back to the requesting client, ensuring seamless IP address assignment across VLAN boundaries. This behavior is essential in routed networks where VLANs segment broadcast domains. A common exam trap is confusing DHCP relay with DHCP snooping or port security. DHCP snooping is a security feature that filters DHCP messages to prevent rogue servers but does not forward DHCP requests across VLANs. Port security restricts MAC addresses on switchports but does not enable DHCP broadcast forwarding. Understanding that DHCP relay is the mechanism that bridges DHCP communication across Layer 3 boundaries is crucial for correctly answering questions about inter-VLAN DHCP address assignment.

KKey Concepts to Remember

  • DHCP relay forwards DHCP client broadcast messages from one VLAN to a DHCP server located in a different VLAN or subnet.
  • Layer 3 interfaces configured with DHCP relay use the ip helper-address command to specify the DHCP server’s IP address.
  • DHCP broadcasts do not cross Layer 3 boundaries by default, requiring relay agents to enable inter-VLAN DHCP communication.
  • Port security restricts MAC addresses on switchports but does not facilitate DHCP message forwarding across VLANs.
  • DHCP snooping validates DHCP messages to prevent rogue servers but does not relay DHCP requests between VLANs.
  • Dynamic ARP Inspection inspects ARP packets for security but does not affect DHCP message forwarding or relay.
  • A Layer 3 interface on a switch or router acting as a default gateway for a VLAN must have DHCP relay configured to serve clients in that VLAN from a remote DHCP server.
  • Without DHCP relay, clients in one VLAN cannot obtain IP addresses from DHCP servers in another VLAN due to broadcast domain separation.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Related practice questions

Related 200-301 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

CCNA subnetting practice questions

Practise IPv4 subnetting, CIDR, masks, host ranges and subnet selection.

CCNA OSPF practice questions

Practise OSPF neighbours, router IDs, metrics, areas and routing-table interpretation.

CCNA VLAN practice questions

Practise VLANs, access ports, trunks, allowed VLANs and switching scenarios.

CCNA STP practice questions

Practise spanning tree, root bridge election, port roles and STP troubleshooting.

CCNA EtherChannel practice questions

Practise LACP, PAgP, port-channel behaviour and bundle requirements.

CCNA ACL practice questions

Practise standard and extended ACLs, permit/deny logic and traffic filtering.

CCNA NAT practice questions

Practise static NAT, dynamic NAT, PAT and inside/outside address translation.

CCNA DHCP practice questions

Practise DHCP scopes, relay, leases and troubleshooting.

CCNA show ip route practice questions

Practise routing-table output, longest-prefix match, AD and route selection.

CCNA show interfaces trunk practice questions

Practise trunk verification and VLAN forwarding across switches.

CCNA wireless security practice questions

Practise WLAN security, authentication and wireless architecture concepts.

CCNA IPv6 practice questions

Practise IPv6 addressing, routes, neighbour discovery and common IPv6 exam traps.

More questions from this exam

Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.

Question 1

A router learns the same prefix from both OSPF and EIGRP. Which route is installed by default?

Question 2

A router shows this output: R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.1.1.2 1 FULL/DR 00:00:34 192.168.12.2 GigabitEthernet0/0 10.1.1.3 1 2WAY/DROTHER 00:00:39 192.168.12.3 GigabitEthernet0/0 Which statement is correct?

Question 3

What is the OSPF metric called?

Question 4

A non-root switch has two uplinks toward the root bridge. One path has a lower total STP cost than the other. What role will the lower-cost uplink have?

Question 5

A router interface applies this ACL inbound: 10 deny tcp any any eq 80 20 permit ip any any A user reports that web browsing to a server by IP address fails, but ping works. Which statement best explains the behavior?

Question 6

A router learns route 198.51.100.0/24 from OSPF with AD 110 and also has a static route to the same prefix configured with AD 150. Which route is installed?

FAQ

Questions learners often ask

What does this 200-301 question test?

DHCP relay forwards DHCP client broadcast messages from one VLAN to a DHCP server located in a different VLAN or subnet.

What is the correct answer to this question?

The correct answer is: DHCP relay — DHCP Discover messages are broadcasts and do not cross Layer 3 boundaries on their own. DHCP relay, commonly configured with ip helper-address, forwards the requests to a server on another subnet.

What should I do if I get this 200-301 question wrong?

Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.

Discussion

Loading comments…

Sign in to join the discussion.