Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1791
Views
10
Helpful
2
Replies

DHCP snooping on switch where DHCP server locally configured

Mohammad Ramadan A.Hafiez
Level 3
Level 3

‎09-16-2017 08:02 AM - edited ‎03-08-2019 12:03 PM

Hello Guys,

                In case of the need to configure  DHCP snooping protection feature on a switch, you'll need to trust the switch port where the DHCP offer message "DHCP server port" will be sent as a trust port.

that about the case in which the switch ascts as the SHCP server and the DHCP service configured on it?

do I still need to trust a port? which port while this is locally configured?

or We simply don't need to trust any port?

sample configuration if possible please.

 

Thank you all,

MR

 

Labels:
0 Helpful
2 Replies 2

Georg Pauwen
VIP
VIP

‎09-16-2017 10:30 AM

Hello,

DHCP snooping is supposed to protect your network from unauthorized, external DHCP servers. If the switch itself is the only DHCP server, you don't need snooping at all. If you have both, you need to trust the ports where the external servers are connected to. The internal DHCP server does not need a trust port.

Reza Sharifi
Hall of Fame
Hall of Fame

‎09-16-2017 10:32 AM

Hi,

If the DHCP scope is configured locally on the switch than you don't need any trusted interface.

The traffic will be output from the switch to clients connected to access ports.

HTH

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card