Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

DHCP Spoofing

Hello,

I wish to setup DHCP Spoofing on my system. I just have a couple of questions please.

 

1. Do I need to configure this on every switch on the system? Or just the core Layer 3 switch that hosts the VLANS?

2. Can I put the port trust command on a trunk port? I have my DHCP server as a virtual machine, the VM hosts are connected a few trunk ports on our core.

 

Many Thanks

 

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hi zakfleming1, - DHCP

Hi zakfleming1,

 

- DHCP Snooping should be configured in all switches/VLANs that will handle DHCP traffic in your network.

- You need to "trust" only ports/uplinks where "DHCP Offer" packets from the DHCP server will come in; ports connected to VM hosts(DHCP clients) should not be trusted.

 

Hope this helps

 

Caleb Quiros

2 REPLIES
Cisco Employee

Hi zakfleming1, - DHCP

Hi zakfleming1,

 

- DHCP Snooping should be configured in all switches/VLANs that will handle DHCP traffic in your network.

- You need to "trust" only ports/uplinks where "DHCP Offer" packets from the DHCP server will come in; ports connected to VM hosts(DHCP clients) should not be trusted.

 

Hope this helps

 

Caleb Quiros

New Member

Thanks, sorry for the very

Thanks, sorry for the very late reply. I ended up moving jobs and totally forgot I posted this. Thanks for your help.

62
Views
0
Helpful
2
Replies
CreatePlease to create content