diff --git a/roles/access/tasks/main.yml b/roles/access/tasks/main.yml
index 785a8a2..a48f03e 100644
--- a/roles/access/tasks/main.yml
+++ b/roles/access/tasks/main.yml
@@ -19,7 +19,7 @@
     ansible_terminal_stderr_re: [] # some errors are not actually errors
   register: result
   # These lines are not displayed by 'sho ru' and always reported as different, so ignore them.
-  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?|no ip dhcp snooping|no ip dhcp snooping trust)$')
+  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?)$')
   notify: write config
 
 - name: Run model-specific tasks
diff --git a/roles/access/templates/config-d-link.j2 b/roles/access/templates/config-d-link.j2
index 9942cf6..ab2a982 100644
--- a/roles/access/templates/config-d-link.j2
+++ b/roles/access/templates/config-d-link.j2
@@ -51,12 +51,6 @@ interface {{ iface.name }}
 {% set mgmt.gw = iface.custom_fields.gateway.address %}
 {% endif %}
 {% endif %}
-
-{% if iface.name in ifaces_dhcp | default([]) %}
- ip dhcp snooping trust
-{% else %}
- no ip dhcp snooping trust
-{% endif %}
 {% endfor %}
 
 {%- if mgmt.ip %}
@@ -89,12 +83,6 @@ sntp server {{ address }}
 
 ntp access-group default nomodify noquery
 
-{% if ifaces_dhcp | default(false) %}
-ip dhcp snooping
-{% else %}
-no ip dhcp snooping
-{% endif %}
-
 {% if mgmt.gw %}
 ip route 0.0.0.0 0.0.0.0 {{ mgmt.gw | ipaddr('address') }} primary
 {% endif %}
diff --git a/roles/exit/templates/isc-dhcp-relay.j2 b/roles/exit/templates/isc-dhcp-relay.j2
index fb15a3e..ae42667 100644
--- a/roles/exit/templates/isc-dhcp-relay.j2
+++ b/roles/exit/templates/isc-dhcp-relay.j2
@@ -5,7 +5,8 @@
 SERVERS="{{ my_server | ipaddr('address') }}"
 {% if my_prefix.vrf.name == 'outside' %}
 INTF_CMD="{{ my_vlans | map('regex_replace', '^', '-id bridge.') | join(' ') }} -iu {{ iface_uplink }} -iu peerlink.4 -U {{ my_prefix.vrf.name }}"
+OPTIONS=""
 {% else %}
 INTF_CMD="{{ my_vlans | map('regex_replace', '^', '-id bridge.') | join(' ') }} -U bridge.{{ my_prefix.vlan.vid }}"
+OPTIONS="--giaddr-src"
 {% endif %}
-OPTIONS=""