Scribd Logo
Upload

Welcome to Scribd!

  • 5 - DHCP Snooping Concepts

    Uploaded by

    نكت مضحكة
    47 views1 page

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    47 views1 page

    5 - DHCP Snooping Concepts

    Uploaded by

    نكت مضحكة

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Why DHCP snooping?

    DHCP snooping is enabled on the VLAN level on a switch.

    DHCP snooping is a feature that exists on a switch.

    It creates two types of ports: trusted and untrusted. When DHCP


    snooping is enabled on a switch, all ports are labeled as untrusted, and this
    prevents any DHCP Offer and DHCP ACK messages from entering the switch.
    However, the port that is connected to the DHCP server should be
    configured manually as a trusted port. The trusted port allows the DHCP Offer
    and DHCP ACK messages to enter the switch.

    The DHCP snooping feature is a countermeasure against any rogue DHCP


    server that may be attached to the network infrastructure.

    Setting The LAB


    DHCP SERVER TRUSTED
    IOU2#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.

    ip dhcp excluded-address 10.123.0.50 10.123.0.253

    IOU2(config)#ip dhcp pool CLIENT_LAN


    IOU2(dhcp-config)#network 10.123.0.0 255.255.255.0
    IOU2(dhcp-config)#dns-server 8.8.8.8
    IOU2(dhcp-config)#default-router 10.123.0.1

    You might also like