Solved

DHCP snooping, Arp inspect

Posted on 2011-09-15
2
482 Views
Last Modified: 2012-05-12
I have a L2 LAN stack, 3750's.

If I add the following in this order:

Switch(config)# ip dhcp snooping
Switch(config)# ip dhcp snooping vlan 10
Switch(config)# ip arp inspection vlan 10

Port-Channel Trunk
Switch(config-if)# ip dhcp snooping trust
Switch(config-if)# ip arp inspection trust

int gi4/0/2
Switch(config-if)# ip dhcp snooping trust
Switch(config-if)# ip arp inspection trust

Is this safe to do on production device during day.




0
Comment
Question by:s_coad5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 36545609
Well considering once you enable dhcp snooping all the ports are untrusted until you trust some of the ports. Otherwise, while I wouldn't recommend entering it during the day, it don't see why it would disrupt anything. The risk is yours to take. I would wait till off hours for any change though. Sometimes things can unexpectedly happen that you don't expect. Better to be safe than sorry.
0
 

Author Closing Comment

by:s_coad5
ID: 36545740
awesome!, thanks
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question