Avatar of Shark Attack
Shark Attack
 asked on

DHCP Snooping

If I have DHCP configured on my switch, how do I configure DHCP snooping? I know that if you have a dhcp server on a switch port, that's where you apply the IP DHCP SNOOPING TRUST as well as on the links between switches and tot he router. If I don't have a physical DHCP server, how do I configure DHCP snooping?

Thanks,
Network ArchitectureSwitches / HubsRouters

Avatar of undefined
Last Comment
Shark Attack

8/22/2022 - Mon
Predrag Jovic

It does no matter if you have physical server or not. You mark port that is trusted - the port from which DHCP offer  will be received. DHCP offer can only came from trusted port, any other port if DHCP offer is received will be error-disabled.
Shark Attack

ASKER
Well, if I have the below scope configured, which port do I mark as trusted? How do i know what port DHCP offer will be received from?

ip dhcp pool Guest-Pool
   network 192.168.202.64 255.255.255.192
   default-router 192.168.202.65 
   dns-server 1.1.1.1 1.1.1.2 

Open in new window

ASKER CERTIFIED SOLUTION
Predrag Jovic

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Shark Attack

ASKER
thanks!
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Shark Attack

ASKER
how do I set the port to be NOT trusted ?
Predrag Jovic

You don't, all ports are untrusted except of ports that you configured as trusted ports.
Shark Attack

ASKER
thats what I thought. thanks
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.