We have Windows DHCP server running on the existing LAN setup consosting many L2 and L3 switches. Switches are connected to each other by trunks. We are planning to configure DHCP server on each switch seperately. I need to make sure that once swicth is configured as a DHCP server all hosts connected to that swicth will get IP address only from that switch. Even if by some chance, if any host gets an IP from windows DHCP server it will be in different subnet and it will not be able to communicate with any other device. For that I need to configure DHCP snooping on the trunk port in such a way that it will "NOT accept" any DHCP replies. In our case reply from windows DHCP server. In notmal case DHCP replies are accepted only from trunk ports but in out case it is exactly opposite.
Please share the experience.
Any link on cisco.com is highly appreciable.
Thanks in advance.
>> We are planning to configure DHCP server on each switch seperately
Well, let me say this is quite uncommon, centralized DHCP servers have their advantages.
I guess you are in the middle of an address plan migration.
I would consider using ip address secondary on default gateways and resizing current dhcp scopes
However, if you enable DHCP snooping it is enough to let the trunk port untrusted (that is by default) to block DHCP server activity.
interface range GigabitEthernet 1/1 - 2
switchport mode trunk
switchport trunk encapsulation dot1q
>>>no ip dhcp snooping trust
Hope to help