Hi all, after a rogue adsl router nearly bought my clients to a halt over the weekend. I am going to look into implenting dhcp snooping.
Firstly, Can anyone tell me where we do this, do we do it on all switches, or do layer 3 switches only support this ? also how does it work in a simple way, i believe you simply set the port for dhcp to trusted and the others to non trusted, is this right ?, and can it cause any issues ?
You would add dhcp snooping on all of the switches that interconnect. When you enable dhcp snooping globally, I believe (others can correct me) ALL ports are untrusted, and you have to enable the trusted port (the port that you KNOW a valid DHCP server is on) manually. You can run DHCP snooping on 2950 (L2) switches, but I can't speak for, say the Cisco Express 500 series.
Yes. If you have switches connected to multiple switches, then the connected trunk ports should be trusted. If you have an untrusted trunk port and it sees a dhcp packet come across it, it will shut the port down in an err-disabled state (I believe).
I just wanted to add one comment, because it is a mistake I have made in the past. If you have Etherchannel trunks between your switches, you have to trust both your phycical ports that belong to the channel-group and the logical interface, i.e. "interface Port-channel1".
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...