Recommended DHCP Lease Durations (Win2k3) for DHCP Snooping

swharvey · ‎05-17-2007

We are deploying dhcp snooping and dynamic arp inspection, but need to know what the recommended DHCP lease duration should be to properly function with DHCP snooping. Understandably they are separate functions and will work at any setting, but what is the recommended time setting and why? Example, what would be the advantages/disadvantages of having the scope durations expire in 8 days vs say 2 days?

I know there most likely is not formal policy, but I need recommendations and the reasons to justify a standard/best practice.

Thanks,

-Scott

claudio.maroni · ‎05-18-2007

I think that a value between 4 and 6 days is a good practice, because every time the client change its ip address, ip snooping and arp inspection need to update their tables, using CPU. So i think that it is important to don't use a low value as lease time.

swharvey · ‎05-19-2007

That you for your time suggestions. Could I please ask the reasons why? I understand that the dhcp and arp tables update when dhcp renewals and legitimate arp's occur. What I am asking for are valid reasons/benefits that are gained from changig our current dhcp settings. Are there security benefits to having dhcp values set lower? For example, would lower dhcp values improve chances to catch illegal dhcp servers or clients, or man in the middle attacks?

Management (and I) require an understanding of the process and the reasons before we can make a change to our dhcp expiration settings.

Thanks,

-Scott