DHCP Snooping

Unanswered Question
Nov 12th, 2009

Hi, I have server farm and user farm having 5 layer-2 switches each farm.Connectivity between both farms are L3. I have DHCP server in Server farm. I want to enable DHCP Snooping. I have made all ports as Untrusted in User farm. Now Should I have to make Trust port on Server farm switch where DHCP server is hosted? Can DHCP snooping cross L-3 domain?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Amit Singh Thu, 11/12/2009 - 05:15

Yes, you have the trust interface from where the DHCP packets will be travelling to the switches. If its a trunk port, trust the trunk port. If it is a Vlan SVI or L3 port using the IP helper-address command to DHCP relay, trust the ports as well.


http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_25_see/configuration/guide/swdhcp82.html#wp1070843


HTH

Actions

This Discussion