05-17-2007 11:11 AM - edited 03-05-2019 04:08 PM
We are deploying DHCP snooping and dynamic ARP inspection, but need to know what the recommended DHCP lease duration should be to properly function with DHCP snooping. Understandably they are separate functions and will work at any setting, but what is the recommended time setting and why? For example, what would be the advantages/disadvantages of having the scope durations expire in 8 days vs. say 2 days?
I know there most likely is no formal policy, but I need recommendations and the reasons to justify a standard/best practice.
Thanks,
-Scott
05-18-2007 07:00 AM
I think that a value between 4 and 6 days is a good practice, because every time the client changes its IP address, IP snooping and ARP inspection need to update their tables, using CPU. So I think that it is important not to use a low value as the lease time.
05-19-2007 09:16 AM
Thank you for your time suggestions. Could I please ask the reasons why? I understand that the DHCP and ARP tables update when DHCP renewals and legitimate ARPs occur. What I am asking for are valid reasons/benefits that are gained from changing our current DHCP settings. Are there security benefits to having DHCP values set lower? For example, would lower DHCP values improve chances to catch illegal DHCP servers or clients, or man-in-the-middle attacks?
Management (and I) require an understanding of the process and the reasons before we can make a change to our DHCP expiration settings.
Thanks,
-Scott