Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

DHCP Snooping Questions

From what I've read DHCP snooping can help prevent unauthorized DHCP servers from causing disruptions on the network. I don't see how that is from the configurations I've read.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/12ew/configuration/guide/dhcp.pdf

I want to implement something on my private network that is comprised of over 100 VLAN's. I can't see how the commands detailed on that page can stop an unauthorized DHCP server from responding to DHCP requests. Am I missing something?

  • LAN Switching and Routing
2 REPLIES
Hall of Fame Super Bronze

Re: DHCP Snooping Questions

When you enable DHCP Snooping, all switchports will automatically become untrusted thus you will manually need to identify the switchport where real DHCP is connected to - and dhcp trust that port.

You will need to dhcp trust inter-switch links as well.

If you don't dhcp trust a switchport, no DHCP server information will be relayed into your switched network.

__

Edison.

New Member

Re: DHCP Snooping Questions

Thanks Edison, I was afraid of that. I have had issues with users who come in with a DHCP server like a small home router and plug into their network jacks. I can't put in .1X authentication yet so I couldn't go in that direction.

110
Views
0
Helpful
2
Replies
This widget could not be displayed.