cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

307
Views
4
Helpful
3
Replies
Highlighted
Beginner

DHCP Snooping when using Switches' DHCP Server

Hi All,

So my core switches are configured to be DHCP servers on my LAN.

Recently I suffered a problem with an external DHCP server being plugged into my network - not malicious, just a mistake.

So I thought I'd look into DHCP snooping, but everyting I read says to configure the ports leading to the DHCP server as trusted - how can I do that when it's the core switch? 

Everyone's tags (1)
3 REPLIES 3
VIP Mentor

Hi

Hi

if the switch is the DHCP server then the ports don't require to be trusted , switch is generating the DHCP messages so there no requirement for it to trust them like an external DHCP server or non Cisco switch that's generating them

Beginner

If your end-users are

If your end-users are connected directly on your core switches, you don't need dhcp snooping because it's your switches directly which deliver DHCP frames.

If you have access switches linked to your core switches, then you can start to think about implementing DHCP Snooping.

Basically, you'll have to trust your uplink on your access switches (the link from your acces switches to your core switches) and let your access ports as untrusted.

Best regards

Yoann

VIP Advisor

Hello

Hello

Apologies- hadn't refreshed the page - I can see this has already been stated!

There is always a chance a rouge dhcp server is introduced by the access switches , So dhcp snooping wouldn't be just applied on the core, you should apply it on the access switches also, And that mean trusting the interconects to the core.

res
Paul



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards