02-04-2014 04:29 AM - edited 03-07-2019 05:59 PM
Hi , I have this scenario :
I want to implement DHCP snooping in one site. Let`say I have a single Cat 6509 switch , that acts as a both Core and Access switch and it`s acting also as a DHCP server.
All the devices in the infrastructure are connected to this switch.
How can I implement DHCP snooping , what are the "trusted" ports ?
Thanks for your help.
02-04-2014 06:31 AM
This sounds interesting , it may be the answer that I`m looking for :
4) if the dhcp server is originating on the switch then no need to applly the trusted command.
02-04-2014 06:39 AM
Pdriver,
That makes sense. I"m assuming that since if an untrusted port on a switch with DHCP Snooping enabled, and enabled for that specific vlan, has a DHCP Broadcast hit that port, it will forward it out all trusted ports, but in theory, since they're arent really any trusted ports, since the DHCP Server is on the switch itself, then the port would just need to be untrusted.
02-04-2014 06:44 AM
That makes sense.
So it makes sense when someone else says it just not me
Jon
02-04-2014 08:00 AM
Hello John ( there a lot of johns / jons on this forum dont you think - )
All ports are untrusted by default when DHCP snoping is enabled as you aware and because dhcp DORA's are not orignating from any of them, there is no need to tust any,
That how I remember from testing Snooping/DAI/IPSG it in the past.
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide