5 - DHCP Snooping Concepts

DHCP snooping is a feature on switches that labels ports as trusted or untrusted and prevents DHCP messages from entering the switch on untrusted ports, except for the port connected to the DHCP server, which is configured as trusted. This helps prevent rogue DHCP servers from being attached to the network by blocking DHCP offers from unknown sources. The document then provides configuration examples for setting up a DHCP server on a trusted port and defining the DHCP pool details.

Uploaded by

نكت مضحكة

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

136 views1 page

5 - DHCP Snooping Concepts

Uploaded by

نكت مضحكة

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 1

Why DHCP snooping?

DHCP snooping is enabled on the VLAN level on a switch.

DHCP snooping is a feature that exists on a switch.

It creates two types of ports: trusted and untrusted. When DHCP

snooping is enabled on a switch, all ports are labeled as untrusted, and this
prevents any DHCP Offer and DHCP ACK messages from entering the switch.
However, the port that is connected to the DHCP server should be
configured manually as a trusted port. The trusted port allows the DHCP Offer
and DHCP ACK messages to enter the switch.

The DHCP snooping feature is a countermeasure against any rogue DHCP

server that may be attached to the network infrastructure.

Setting The LAB

DHCP SERVER TRUSTED
IOU2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

ip dhcp excluded-address 10.123.0.50 10.123.0.253

IOU2(config)#ip dhcp pool CLIENT_LAN

IOU2(dhcp-config)#network 10.123.0.0 255.255.255.0
IOU2(dhcp-config)#dns-server 8.8.8.8
IOU2(dhcp-config)#default-router 10.123.0.1

NSE - 4 - Study - Guide - 1
100% (1)
NSE - 4 - Study - Guide - 1
2 pages
2.5.5 Packet Tracer - Configure Initial Switch Settings
No ratings yet
2.5.5 Packet Tracer - Configure Initial Switch Settings
5 pages
8.5.1.3 Packet Tracer - Implementing Basic Connectivity - ILM
No ratings yet
8.5.1.3 Packet Tracer - Implementing Basic Connectivity - ILM
5 pages
5.1.9 Packet Tracer - Investigate STP Loop Prevention
No ratings yet
5.1.9 Packet Tracer - Investigate STP Loop Prevention
2 pages
Configuring STP
No ratings yet
Configuring STP
4 pages
8.4.1.3 Lab - Configure Site-To-Site VPN Using CLI - Instructor
100% (1)
8.4.1.3 Lab - Configure Site-To-Site VPN Using CLI - Instructor
16 pages
10.1.4 Packet Tracer - Configure Initial Router Settings ANSWERED
No ratings yet
10.1.4 Packet Tracer - Configure Initial Router Settings ANSWERED
4 pages
Lab 5.5.1: Basic Spanning Tree Protocol: Topology Diagram
No ratings yet
Lab 5.5.1: Basic Spanning Tree Protocol: Topology Diagram
36 pages
CCNA 2 RSE Practice Skills Assessment v5
No ratings yet
CCNA 2 RSE Practice Skills Assessment v5
11 pages
7.3.7 Lab - View The Switch MAC Address Table (Seng Pisey)
No ratings yet
7.3.7 Lab - View The Switch MAC Address Table (Seng Pisey)
11 pages
ASA5506 9-3-1-2 Lab - Configure ASA Basic Settings and Firewall Using CLI - 1-26
50% (2)
ASA5506 9-3-1-2 Lab - Configure ASA Basic Settings and Firewall Using CLI - 1-26
31 pages
Lab 5
No ratings yet
Lab 5
12 pages
3.11.1 Packet Tracer - Network Security Exploration - Physical Mode
No ratings yet
3.11.1 Packet Tracer - Network Security Exploration - Physical Mode
8 pages
How To Configure VLAN and interVLAN Routing in Packet Tracer
No ratings yet
How To Configure VLAN and interVLAN Routing in Packet Tracer
14 pages
10.4.4 Lab - Build A Switch and Router Network
No ratings yet
10.4.4 Lab - Build A Switch and Router Network
13 pages
4.2.2.4 Lab - Troubleshooting EtherChannel
No ratings yet
4.2.2.4 Lab - Troubleshooting EtherChannel
2 pages
CCNA Routing and Switching
No ratings yet
CCNA Routing and Switching
9 pages
3.2.1.3 Packet Tracer - Configuring EtherChannel Instructions
0% (1)
3.2.1.3 Packet Tracer - Configuring EtherChannel Instructions
3 pages
Comandos Configurar Switch Cisco
No ratings yet
Comandos Configurar Switch Cisco
12 pages
EIGRP E2 Lab 9 6 2
No ratings yet
EIGRP E2 Lab 9 6 2
8 pages
Ccnpv7.1 Switch Lab3-1 Vlan-trunk-Vtp Instructor
No ratings yet
Ccnpv7.1 Switch Lab3-1 Vlan-trunk-Vtp Instructor
33 pages
Ccnpv7.1 Switch Lab5-2 Dhcp46 Student
No ratings yet
Ccnpv7.1 Switch Lab5-2 Dhcp46 Student
16 pages
2 1 2 10+Lab+-+Building+a+Switched+Network+with+Redundant+Links
No ratings yet
2 1 2 10+Lab+-+Building+a+Switched+Network+with+Redundant+Links
9 pages
4.4.3.4 Lab - Configuring HSRP and GLBP
0% (1)
4.4.3.4 Lab - Configuring HSRP and GLBP
9 pages
12.7.4 Lab - Identify IPv6 Addresses
No ratings yet
12.7.4 Lab - Identify IPv6 Addresses
4 pages
11.1.10 Packet Tracer - Implement Port Security
No ratings yet
11.1.10 Packet Tracer - Implement Port Security
3 pages
VLAN Workshop (2024)
No ratings yet
VLAN Workshop (2024)
6 pages
CCNA Training Hot Standby Router Protocol HSRP Tutorial
No ratings yet
CCNA Training Hot Standby Router Protocol HSRP Tutorial
4 pages
Universidad Autonoma de Nuevo Leon: Facultad de Ingeniería Mecánica Eléctrica Laboratorio CISCO 2
No ratings yet
Universidad Autonoma de Nuevo Leon: Facultad de Ingeniería Mecánica Eléctrica Laboratorio CISCO 2
6 pages
6.3.6 Lab - Basic Device Configuration and OSPF Authentication
No ratings yet
6.3.6 Lab - Basic Device Configuration and OSPF Authentication
7 pages
13 The Cisco Troubleshooting Methodology Answer Key
No ratings yet
13 The Cisco Troubleshooting Methodology Answer Key
5 pages
CCNP Labs
No ratings yet
CCNP Labs
9 pages
Assessment System: Take Assessment - SWITCH Chapter 7 - CCNP SWITCH (Version 6.0)
100% (1)
Assessment System: Take Assessment - SWITCH Chapter 7 - CCNP SWITCH (Version 6.0)
7 pages
Lab 1.5.3: Challenge Router Configuration: Topology Diagram
No ratings yet
Lab 1.5.3: Challenge Router Configuration: Topology Diagram
4 pages
2 Vlan, Access, Trunk
No ratings yet
2 Vlan, Access, Trunk
38 pages
Chapter 5 Lab 5-2 - DHCP: Topology
No ratings yet
Chapter 5 Lab 5-2 - DHCP: Topology
25 pages
Enetwork Practice Final Exam - Ccna Exploration Network Fundamentals (Version 4.0)
No ratings yet
Enetwork Practice Final Exam - Ccna Exploration Network Fundamentals (Version 4.0)
24 pages
Practica 2 Configurando El Router
No ratings yet
Practica 2 Configurando El Router
11 pages
2 5 3
No ratings yet
2 5 3
13 pages
Routing: Engr. Neriza V. Bustillo, Mpa, Mit
No ratings yet
Routing: Engr. Neriza V. Bustillo, Mpa, Mit
35 pages
En ENetwork IPTM v4040
No ratings yet
En ENetwork IPTM v4040
38 pages
CCNA 3 Exploration ESwitching Final Exam Form2 V 4.0
No ratings yet
CCNA 3 Exploration ESwitching Final Exam Form2 V 4.0
17 pages
7.4.1 Basic DHCP y NAT Configuration PDF
No ratings yet
7.4.1 Basic DHCP y NAT Configuration PDF
12 pages
CCNPv7 SWITCH - SBA Version A - STUDENT
0% (1)
CCNPv7 SWITCH - SBA Version A - STUDENT
5 pages
9.4.1.7 Lab - Configuring ASA 5510 Basic Settings and Firewall Using ASDM - Instructor
No ratings yet
9.4.1.7 Lab - Configuring ASA 5510 Basic Settings and Firewall Using ASDM - Instructor
56 pages
CCNA Dis2 - Chapter 6 - Routing - PPT (Compatibility Mode)
No ratings yet
CCNA Dis2 - Chapter 6 - Routing - PPT (Compatibility Mode)
66 pages
Lab2 - Configuring A Switch Management Address: Topology
No ratings yet
Lab2 - Configuring A Switch Management Address: Topology
8 pages
Eigrp Practice Skills Exam Ccna3
No ratings yet
Eigrp Practice Skills Exam Ccna3
47 pages
CCNA 1 Final Exam Answers 2017 v5 1 v6 0 Introduction To Networks
No ratings yet
CCNA 1 Final Exam Answers 2017 v5 1 v6 0 Introduction To Networks
52 pages
5 - DHCP Snooping Concepts
No ratings yet
5 - DHCP Snooping Concepts
1 page
Understanding and Configuring DHCP Snooping
No ratings yet
Understanding and Configuring DHCP Snooping
4 pages
Cheat Sheet - DHCP Snooping
No ratings yet
Cheat Sheet - DHCP Snooping
1 page
Configuring DHCP Snooping: Edward Yardley
No ratings yet
Configuring DHCP Snooping: Edward Yardley
3 pages
SECS01L03 - Configuring DHCP Snooping
No ratings yet
SECS01L03 - Configuring DHCP Snooping
11 pages
Snooping de DHCP
No ratings yet
Snooping de DHCP
41 pages
S3900 Series Switches DHCP-Snooping Configuration
No ratings yet
S3900 Series Switches DHCP-Snooping Configuration
13 pages
7.3 Mitigate DHCP Attacks
No ratings yet
7.3 Mitigate DHCP Attacks
6 pages
Configuring DHCP Snooping
No ratings yet
Configuring DHCP Snooping
20 pages
Understanding DHCP Snooping For Port Security On EX Series Switches
No ratings yet
Understanding DHCP Snooping For Port Security On EX Series Switches
7 pages
DHCP Snooping
No ratings yet
DHCP Snooping
21 pages
2-3-1 DHCP Snooping
No ratings yet
2-3-1 DHCP Snooping
10 pages
DHCP Client
No ratings yet
DHCP Client
17 pages
15 - IOS Firewall Fundamentals
No ratings yet
15 - IOS Firewall Fundamentals
6 pages
What SNMP and What It Do ?: Simple Network Management Protocol)
No ratings yet
What SNMP and What It Do ?: Simple Network Management Protocol)
15 pages
What STP
No ratings yet
What STP
14 pages
Networking Basics and Terminology
No ratings yet
Networking Basics and Terminology
25 pages
1356 Capt Depression Frein V1
No ratings yet
1356 Capt Depression Frein V1
4 pages
Ethical Hacking: Introduction To Ethical Hacking: Course
No ratings yet
Ethical Hacking: Introduction To Ethical Hacking: Course
10 pages
IT Security Foundations
No ratings yet
IT Security Foundations
6 pages

5 - DHCP Snooping Concepts

Uploaded by

5 - DHCP Snooping Concepts

Uploaded by

Why DHCP snooping?

DHCP snooping is enabled on the VLAN level on a switch.

DHCP snooping is a feature that exists on a switch.

It creates two types of ports: trusted and untrusted. When DHCP

The DHCP snooping feature is a countermeasure against any rogue DHCP

Setting The LAB

ip dhcp excluded-address 10.123.0.50 10.123.0.253

IOU2(config)#ip dhcp pool CLIENT_LAN

You might also like