Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
247
Views
0
Helpful
2
Replies

DHCP Snooping Questions

rshum
Level 1
Level 1

‎09-08-2009 05:10 PM - edited ‎03-06-2019 07:38 AM

From what I've read DHCP snooping can help prevent unauthorized DHCP servers from causing disruptions on the network. I don't see how that is from the configurations I've read.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/12ew/configuration/guide/dhcp.pdf

I want to implement something on my private network that is comprised of over 100 VLAN's. I can't see how the commands detailed on that page can stop an unauthorized DHCP server from responding to DHCP requests. Am I missing something?

Labels:
0 Helpful
2 Replies 2

Edison Ortiz
Hall of Fame
Hall of Fame

‎09-08-2009 05:37 PM

When you enable DHCP Snooping, all switchports will automatically become untrusted thus you will manually need to identify the switchport where real DHCP is connected to - and dhcp trust that port.

You will need to dhcp trust inter-switch links as well.

If you don't dhcp trust a switchport, no DHCP server information will be relayed into your switched network.

__

Edison.

0 Helpful

rshum
Level 1
Level 1
In response to Edison Ortiz

‎09-08-2009 05:53 PM

Thanks Edison, I was afraid of that. I have had issues with users who come in with a DHCP server like a small home router and plug into their network jacks. I can't put in .1X authentication yet so I couldn't go in that direction.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card