Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DHCP Snooping on multiple switches

I'd like to configure dhcp snooping on a multiple switch environment (almost all 6500s), but I have some concerns on trunking ports.

1) not-so-simple question:

I have this layout

- dhcp server connecting to port 1 of switch 1; access vlan on vlan 1

- dhcp client connecting to port 2 of switch 2; access vlan on vlan 2

switch 1 and 2 are connected via a trunk port (port 3 on both).

L3 for both vlan 1 and 2 is configured on switch 1.

Should I configure port 3 of switch 2 as a trusted port?

TIA

Ivan

1 REPLY
Hall of Fame Super Silver

Re: DHCP Snooping on multiple switches

Hello Ivan,

>> Should I configure port 3 of switch 2 as a trusted port?

yes otherwise legitimate traffic could be dropped.

DHCP snooping looks at the source ip address and you are likely to receive traffic with arbitrary source ip address on this port to the default gateway coming from all other possible vlans/subnets or even from internet

Hope to help

Giuseppe

984
Views
0
Helpful
1
Replies