Solved: DHCP Spoofing

zakfleming1 · ‎09-08-2014

Hello,

I wish to setup DHCP Spoofing on my system. I just have a couple of questions please.

1. Do I need to configure this on every switch on the system? Or just the core Layer 3 switch that hosts the VLANS?

2. Can I put the port trust command on a trunk port? I have my DHCP server as a virtual machine, the VM hosts are connected a few trunk ports on our core.

Many Thanks

Caleb Quiros · ‎09-08-2014

Hi zakfleming1,

- DHCP Snooping should be configured in all switches/VLANs that will handle DHCP traffic in your network.

- You need to "trust" only ports/uplinks where "DHCP Offer" packets from the DHCP server will come in; ports connected to VM hosts(DHCP clients) should not be trusted.

Hope this helps

Caleb Quiros

View solution in original post

Caleb Quiros · ‎09-08-2014

Hi zakfleming1,

- DHCP Snooping should be configured in all switches/VLANs that will handle DHCP traffic in your network.

- You need to "trust" only ports/uplinks where "DHCP Offer" packets from the DHCP server will come in; ports connected to VM hosts(DHCP clients) should not be trusted.

Hope this helps

Caleb Quiros

zakfleming1 · ‎07-22-2015

Thanks, sorry for the very late reply. I ended up moving jobs and totally forgot I posted this. Thanks for your help.