How to Configure DHCP Snooping for Cisco Catalyst Switch

Text-only Preview

How to Configure DHCP
Snooping for Cisco Switch
http://www.router-
switch.com/Price-cisco-
switches_c2

Why need to configure DHCP
Snooping

In computer networking DHCP snooping allows
you to create a white-list of interfaces for which
trusted DHCP servers are connected. All dhcp
specific traffic which passes through "untrusted"
interfaces will be dropped. This will help you easy
configure DHCP snooping for Cisco Catalyst
switch easy.

When DHCP servers are allocating IP addresses to
the clients on the LAN, DHCP snooping can be
configured on LAN switches to harden the security
on the LAN to allow only clients with specific
IP/MAC addresses to have access to the network.


Configurations for Switch

Switch > en

Switch #conf t

Switch (config)#no ip domain look

Switch (config)#user cisco pr 15 pass ccie

Switch (config)#ho SW1

SW1(config)#line con 0

SW1(config-line)#exec-tim 0 0

SW1(config-line)#logg syn

SW1(config-line)#exit

SW1(config)#line vty 0 4


SW1(config-line)#logg syn

SW1(config-line)#login loc

SW1(config-line)#exec-tim 30 0

SW1(config-line)#exit

SW1(config)#vlan 20

SW1(config-vlan)#exit

SW1(config)#ip dhcp snooping vlan 10,

SW1(config)#ip dhcp snooping


SW1(config)#interface fastEthernet 0/1

SW1(config-if)#description Connect to Win2003 DHCP

SW1(config-if)#switchport access vlan 10

SW1(config-if)#switchport mode access

SW1(config-if)#spanning-tree portfast

SW1(config-if)#ip dhcp snooping trust

SW1(config-if)#interface FastEthernet0/2

SW1(config-if)#description : Connect to DHCP Client

SW1(config-if)#switchport access vlan 10

SW1(config-if)#switchport mode access

SW1(config-if)#spanning-tree portfast

SW1(config-if)#ip dhcp snooping limit rate 15

SW1(config-if)#end

SW1#wr

It can applied to all Cisco Catalyst
switches or, such as Cisco 2960
switches, Cisco Catalyst 3750 switches,
Cisco 3850 switches, etc.

Contact Us:
Website: http://www.router-
switch.com/
Tel: +1-626-239-8066 (USA)
+852-
9795-4940 / +852-3174-6166 (Hong
Kong)
Fax: +852-3050-1066 (Hong Kong)
Email: [email protected] (Sales
Inquiries)