cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
490
Views
0
Helpful
1
Replies
Highlighted
Frequent Contributor

DHCP snooping trust command info

Hi all,

I had layer 3 switches Providing DHCP to clients.

Users connect to access layer switch and that has trunk connection to layer 3.

Layer config

ip dhcp snooping

ip dhcp snooping vlan 20

Now layer 2 switch has no dhcp snooping config.

When user connects to layer 2 switch he gets the IP address.

On layer 3 switch i can see that dhcp snooing binding.

My question is  this right decesion if switch is providing the DHCP?

Second  question  is that it is working fine without marking any trust port on layer 2 or layer 3 switch?

Thanks

MAhesh

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

DHCP snooping trust command info

Hello Manesh,

That is one of the many designs.

The switch will act as the DHCP server and DHCP snooping database, that will mean all of it's ports will be on the untrusted state.

You should not have any issues.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

1 REPLY 1
Highlighted

DHCP snooping trust command info

Hello Manesh,

That is one of the many designs.

The switch will act as the DHCP server and DHCP snooping database, that will mean all of it's ports will be on the untrusted state.

You should not have any issues.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

Content for Community-Ad