Solved

dhcp snooping

Posted on 2011-03-09
4
488 Views
Last Modified: 2012-05-11
If I understand DHCP Snooping is configured  at the global level on the switch then we can select the port where the trusted DHCP server is plugged into, and configure that port as DHCP snooping trust.
In most environment when the first time they set up an access switch they don't configure it for DHCP snooping.
the very rare scenarios they set up DHCP snooping only on the access switch where the trusted DHCP  is plugged to.
So what about other access switches? do they need to be configured for DHCP snooping too? if so, why it is not enabled by default by cisco at the first place?

Thanks

0
Comment
Question by:jskfan
  • 3
4 Comments
 
LVL 1

Accepted Solution

by:
amulheirn earned 500 total points
ID: 35087731
Hi -

Yes - DHCP snooping needs to be configured on access switches too.  The ports that you put as trust would be the uplink ports to the core switch.

I guess it is not configured by default because Cisco don't know which ports you are going to use for your uplinks.

Regards,

A.
0
 

Author Comment

by:jskfan
ID: 35092228
I thought the DHCP snooping is configure on access ports that s where usually windows servers(DHCP) are connected to.


Cisco has many security features that are not enabled by default but critical:
DHCP Snooping
ARP Inspection
Port Security Violation.

why are not enabled by default ?
0
 

Author Comment

by:jskfan
ID: 35186608
any updates??
0
 

Author Closing Comment

by:jskfan
ID: 35213032
thanks
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now