Solved

dhcp snooping

Posted on 2011-03-09
4
492 Views
Last Modified: 2012-05-11
If I understand DHCP Snooping is configured  at the global level on the switch then we can select the port where the trusted DHCP server is plugged into, and configure that port as DHCP snooping trust.
In most environment when the first time they set up an access switch they don't configure it for DHCP snooping.
the very rare scenarios they set up DHCP snooping only on the access switch where the trusted DHCP  is plugged to.
So what about other access switches? do they need to be configured for DHCP snooping too? if so, why it is not enabled by default by cisco at the first place?

Thanks

0
Comment
Question by:jskfan
  • 3
4 Comments
 
LVL 1

Accepted Solution

by:
amulheirn earned 500 total points
ID: 35087731
Hi -

Yes - DHCP snooping needs to be configured on access switches too.  The ports that you put as trust would be the uplink ports to the core switch.

I guess it is not configured by default because Cisco don't know which ports you are going to use for your uplinks.

Regards,

A.
0
 

Author Comment

by:jskfan
ID: 35092228
I thought the DHCP snooping is configure on access ports that s where usually windows servers(DHCP) are connected to.


Cisco has many security features that are not enabled by default but critical:
DHCP Snooping
ARP Inspection
Port Security Violation.

why are not enabled by default ?
0
 

Author Comment

by:jskfan
ID: 35186608
any updates??
0
 

Author Closing Comment

by:jskfan
ID: 35213032
thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 102
MAC address learning of Riverbed 4 45
Server 2008 to 2016 Essentials migration problem 6 51
Unmanaged Switches for Optimized Network Speeds 7 39
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question