Security Basics mailing list archives

Re: DHCP Snooping

From: Kenton Smith <listsks () yahoo ca>
Date: Wed, 7 Jun 2006 16:45:29 -0400 (EDT)

DHCP is broadcast traffic so it shouldn't matter where
you put the sniffer. The only thing is that you'll
need one one each subnet because you probably aren't
routing broadcast traffic between your VLAN's.

Kenton

--- timpacalypse () yahoo com wrote:

I'm looking at deploying DHCP Snooping in our
environment.  I just want to make sure I've got this
straight.  

We only have 1 DHCP server.  So the only port that I
need to say is trusted is the one the DHCP Server is
connected to, right?  I don't want anyone to be able
to deploy any rogue DHCP Servers in the network.  We
are using VLANS, but I don't need to set the trunk
ports as trusted do I?



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Current thread:

DHCP Snooping timpacalypse (Jun 06)
- Re: DHCP Snooping Sven Édouard (Jun 07)
  - Re: DHCP Snooping Dmitry Cherkasov (Jun 09)
  - Message not available
    - Re: DHCP Snooping Ivan . (Jun 09)
- Re: DHCP Snooping Dmitry Cherkasov (Jun 07)
- Re: DHCP Snooping Kenton Smith (Jun 09)
- <Possible follow-ups>
- Re: DHCP Snooping s (Jun 07)
- DHCP Snooping Juan Munera (Jun 26)