Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

What are features for detecting duplicate ip addresses?

I wanna know what features of cisco 3750 for detecting duplicate ip addresses.let's say I assign 5 IP addresses for my managers by using the dhcp server.If someone(internal users) try to set those ip addresses manually then how do I (prevent/detect) duplicate ip addresses in this case.

What are features of cisco 3750 can do?

please feel free to add any comments

Thanks

Thot

2 REPLIES

Re: What are features for detecting duplicate ip addresses?

I think the DHCP server will check that an IP address is not in use (by ARPing for it) before it issues it.

Conversely, a statically configured PC will also do an ARP for its own address before it boots up, and if it detects a conflict it will tell the user and not boot. I cannot say what other types of host might do.

If you really want to tie it down, you could make a fixed DHCP mapping, but this can get administratively heavy on a big site.

Kevin Dorrell

Luxembourg

Bronze

Re: What are features for detecting duplicate ip addresses?

Take a look at IP Source Guard. It's one part of a really nice suite of features aimed at layer 2 security. It rides on DHCP snooping which, in and of itself, is useful for blocking rogue DHCP servers.

DHCP Snooping and IP Source Guard on the 3750

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00805a6568.html

You might also consider adding Dynamic ARP Inspection to round out the trio.

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00805a64f2.html

312
Views
0
Helpful
2
Replies