dhcp

dkblee
Level 1

Hi! How do I check which sw/port a rogue DHCP is connected to in my switch?

thx

2 Replies

Siddharth Chandrachud
Cisco Employee

a. There is no easy way. But you can do some troubleshooting to try to find out where it resides.

b. Note down the IP address of the legitimate DHCP server on your network (cmd ipconfig/all). Take a couple of test workstations; from cmd you can do release/renew multiple times and see if the DHCP server IP changes to one that is not the legitimate DHCP server.

c. So now that you know the IP of the rogue DHCP server, ping the IP from the switch. Then do a show arp. This will map the IP to a MAC address. Then do a show mac-address-table <>. This will map the MAC address to a port. Go on to the next networking device till you find the port the DHCP server is connected to.

d. Additionally, you can try to configure DHCP snooping, which can prevent rogue DHCP servers from replying to DHCP requests.

Sid Chandrachud

TAC Security Solutions

Customer Support Engineer
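
Step c of the reply above, as an added example that is not part of the original post and is not Cisco code: a Python script that takes pasted output of the two show commands and reports whether the rogue server's MAC sits on an edge port or behind an uplink, in which case the lookup is repeated on the next device. The sample output, addresses, port names and the `uplinks` set are constructed, and the column layout is assumed to match typical IOS output.

```python
import re

# Constructed sample output (not captured from a device). Column layout is
# assumed to match typical IOS "show arp" and "show mac address-table".
SHOW_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.10.1            -   0000.0c9f.f00a  ARPA   Vlan10
Internet  192.168.10.77           0   0011.2233.4455  ARPA   Vlan10
Internet  192.168.10.99           0   Incomplete      ARPA
"""
SHOW_MAC = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4455    DYNAMIC     Gi0/24
  10    00aa.bbcc.ddee    DYNAMIC     Gi0/3
"""
MAC = r"[0-9a-f]{4}(?:\.[0-9a-f]{4}){2}"
MAC_ROW = re.compile(rf"\s*(\d+)\s+({MAC})\s+\S+\s+(\S+)", re.I)

def mac_for_ip(arp_text, ip):
    """MAC that 'show arp' maps to ip; None if absent or still Incomplete."""
    for line in arp_text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[1] == ip and re.fullmatch(MAC, f[3], re.I):
            return f[3].lower()
    return None

def port_for_mac(mac_text, mac):
    """(vlan, port) on which the switch learned mac, or None."""
    for line in mac_text.splitlines():
        m = MAC_ROW.match(line)
        if m and m.group(2).lower() == mac.lower():
            return int(m.group(1)), m.group(3)
    return None

def trace(ip, arp_text, mac_text, uplinks):
    """One hop of the trace. uplinks: ports that lead to another switch."""
    mac = mac_for_ip(arp_text, ip)
    if mac is None:
        return {"ip": ip, "status": "no-arp-entry"}  # ping it first, then re-check
    hit = port_for_mac(mac_text, mac)
    if hit is None:
        return {"ip": ip, "mac": mac, "status": "mac-not-learned"}
    vlan, port = hit
    # A MAC learned on an uplink lives further downstream: repeat there.
    status = "repeat-on-next-device" if port in uplinks else "edge-port-found"
    return {"ip": ip, "mac": mac, "vlan": vlan, "port": port, "status": status}

if __name__ == "__main__":
    print(trace("192.168.10.77", SHOW_ARP, SHOW_MAC, uplinks={"Gi0/24"}))
```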

Just to add on to what Sid already said. DHCP snooping will report where these rogue servers are. We support it on just about all of our switches, so likely it's an option...and overall it's really easy to configure...even if you are just configuring it for an evening to find out where these rogues are.
