DHCP Snooping

refram · ‎01-26-2007

Don't know who else to write to with this, don't know if the proper people will even see it here, but I can't get to TAC without paying for it.

There's a misspelling of a word in the CLI of my 3550 switch (at least there is in version 12.2(25)SEE). When applying DHCP Snooping, type, "ip dhcp snooping vlan ?" and it will tell you "WORD DHCP Snooping vlan fist number..." rather than "...first number...".

It's a small thing, but - y'know.

beth-martin · ‎02-01-2007

DHCP snooping is a DHCP security feature that provides network security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall that can cause traffic attacks within your network.

The DHCP snooping binding table contains the MAC address, IP address, lease time, binding type, VLAN number, and interface information that corresponds to the local untrusted interfaces of a switch; it does not contain information regarding hosts interconnected with a trusted interface. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network.

DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. It also gives you a way to differentiate between untrusted interfaces connected to the end user and trusted interfaces connected to the DHCP server or another switch.

Try:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801cdf1c.html

franklaszlo · ‎02-01-2007

Martin,

sorry, but did you read the post ??