Switch security: dhcp snooping

Switch security: dhcp snooping

by Cyrus Lok on Sunday, June 20, 2010 at 4:50am

2950-1(config)#ip dhcp snooping
2950-1(config)#ip dhcp snooping vlan 101
2950-1(config)#int fa0/21
2950-1(config-if)#switchport access vlan 101
2950-1(config-if)#ip dhcp snooping trust

when ip dhcp snooping is turned on globally, all ports are set to untrusted ports. fa0/21 is the port that should be trusted as dhcp server is located here.

2950-1#sh ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
101
Insertion of option 82 is enabled
Interface Trusted Rate limit (pps)
———————— ——- —————-
FastEthernet0/21 yes unlimited

Advertisements
This entry was posted in Route, Security and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s