Say I have a core switch at 192.168.100.5, and I have a user add another switch on the network at their desk that's also addressed at 192.168.100.5. Is the best way to handle the situation by using dynamic arp inspection to shut down the port, or is dhcp snooping the best way?
We want to avoid having someone bring our core down. :)
You implement DAI along with ip arp inspection filter http://www.cisco.com/en/US/docs/ios/ipaddr/command/reference/iad_arp.html#wp1012267 for static IP assignment
and DAI with DHCP snooping for dynamic IP assignment.
More reading material