1. Главная
2. Ferds Tech Channel

⌚ TIMESTAMPS:
0:00 Introduction
1:04 Talking about the diagram
2:41 Configuration
6:50 Verification
9:00 Simulation
10:11 Conclusion

DHCP Snooping - is a security feature used to check DHCP traffic to block any malicious DHCP packet. It acts as a firewall between untrusted user ports and DHCP server ports on the network to prevent malicious DHCP servers in the network as this can cause a denial of service. In other words, untrusted interfaces block DHCP Server packets such as DHCPOFFER and DHCPACK.


CONFIGURATION:

CORE_SW1:
conf t
int ethernet 0/0
ip dhcp snooping trust
exit
!
!Enable DHCP snooping on VLANs.
ip dhcp snooping vlan 1 2
!Enable untrusted ports to accept incoming DHCP packets with option-82 information.
ip dhcp snooping information option allow-untrusted
!Enable the Database Agent.
ip dhcp snooping database unix:dhcp-snooping-db
!Configure this command as the last configuration step (or enable the DHCP feature during a scheduled maintenance period) because after you enable DHCP snooping !globally, the switch drops DHCP Server packets until you configure the ports.
ip dhcp snooping
end
wr

Note: With the DHCP option-82 on untrusted port feature enabled, the switch does not drop DHCP packets that include option-82 information that are received on untrusted ports

ACC_SW1:
conf t
int ethernet 0/0
ip dhcp snooping trust
exit
!
ip dhcp snooping vlan 1
ip dhcp snooping information option allow-untrusted
ip dhcp snooping database unix:dhcp-snooping-db
ip dhcp snooping
!
int ethernet 0/1
!Cisco recommends an untrusted rate limit of not more than 100 packets per second (pps).
ip dhcp snooping limit rate 100
end
wr

ACC_SW2:
conf t
int ethernet 0/0
ip dhcp snooping trust
exit
!
ip dhcp snooping vlan 1
ip dhcp snooping information option allow-untrusted
ip dhcp snooping database unix:dhcp-snooping-db
ip dhcp snooping
!
int ethernet 0/1
ip dhcp snooping limit rate 100
end
wr


VERIFICATION:
show ip dhcp snooping
show ip dhcp snooping binding


🔔 Subscribe to my YouTube channel:
   / @ferdstechchannel  


Document:
https://docs.google.com/document/d/1u...

GNS3 File:
https://drive.google.com/file/d/1nR2W...

#ccna #ccnp #ccie #cisco

play_arrow

259

2

Выкуп hi- fi аудиотехники, проверка звучания акустики WHARFEDALE Elysian 3 музыка Limit To Your Love

play_arrow

22

0

Hogwarts Legacy 47: Испытания Мерлина...

play_arrow

6,023

591

🎀 i'm just a lil cranberry 🎀

play_arrow

5,362

11

CS-Cart Multi-Vendor Marketplace: How to Edit Marketplace Layout

play_arrow

131,020

6.2 тыс

ЭТОТ ХЕТ-ТРИК МЕССИ ПЕРЕПИСАЛ ИСТОРИЮ ФУТБОЛА! МЕССИ ПОЛУЧИЛ ЗОЛОТОЙ МЯЧ / Доза Футбола

play_arrow

785

9

Bray Train Station to ATC Bray Navigation Guide

play_arrow

112

7

RUST▶РЕЙД МЕГА БУНКЕРА В ОНЛАЙНЕ!

play_arrow

5,385

57

How to Sell to Target.com | Target Marketplace | Sell Products to Target.com | Target.com