Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DHCP snooping trust command info

Hi all,

I had layer 3 switches Providing DHCP to clients.

Users connect to access layer switch and that has trunk connection to layer 3.

Layer config

ip dhcp snooping

ip dhcp snooping vlan 20

Now layer 2 switch has no dhcp snooping config.

When user connects to layer 2 switch he gets the IP address.

On layer 3 switch i can see that dhcp snooing binding.

My question is  this right decesion if switch is providing the DHCP?

Second  question  is that it is working fine without marking any trust port on layer 2 or layer 3 switch?

Thanks

MAhesh

1 ACCEPTED SOLUTION

Accepted Solutions

DHCP snooping trust command info

Hello Manesh,

That is one of the many designs.

The switch will act as the DHCP server and DHCP snooping database, that will mean all of it's ports will be on the untrusted state.

You should not have any issues.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
1 REPLY

DHCP snooping trust command info

Hello Manesh,

That is one of the many designs.

The switch will act as the DHCP server and DHCP snooping database, that will mean all of it's ports will be on the untrusted state.

You should not have any issues.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
331
Views
0
Helpful
1
Replies
CreatePlease login to create content