DHCP snooping

adamgibs7 · ‎11-03-2014

Hello

i want to implement DHCP snooping and below are the commands, can any body confirm that i am on the correct path of configuration, or else anybody can route me to the configuration example.

too enable globally

Switch(config)# ip dhcp snooping

to enable on specific user vlans

Switch(config)# ip dhcp snooping vlan 10 100

DHCP server interface on the switch

Switch(config-if)# ip dhcp snooping trust

To detect a fake DHCP in vlan 10,100

Switch(config)# ip dhcp snooping detect spurious vlan 10,100

Time interval for detecting suprios DHCP server

Switch(config)# ip dhcp snooping detect spurious interval 50

paul driver · ‎11-03-2014

Hello

1) requires to active ip dhcp snooping the ip dhscp snooping vlan xx - Completed
2) if applied to one switch with uplinks switches, then the uplink switch will require snooping enabled also and its trunk links trusted ONLY if the dhcp server is originating from the uplink switch.- Completed

3) if dhcp server is attached to the same switch as the snooping database then just trust
the interface where the server is situated - Completed

FYI - As long as interfaces are trusted the snooping database does nothing else.
It listens on the the untrsuted ports and snoops the ip & macs.

Snooping database WILL NOT be populated with exisitng clients,
it will populate next time dhcp renews

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

adamgibs7 · ‎11-05-2014

Dear Paul

Do i require a below command and what exactly it does, i have read but not pretty sure.

Switch(config)# ip dhcp snooping information option

thanks