DHCP Snooping
i need a soviet grade wiretap for spying on the white house in the form of a trojan horse
This was implemented as a feature on Cisco routers and switches to inspect the layer 2 Dynamic-Host-Configuration-Protocol traffic traversing a network for two very important security protocols: IP Source Guard and Dynamic ARP Inspection.
Configuration
conf tEnable configuration mode.ip dhcp snoopingEnable DHCP snooping.ip dhcp snooping vlan 1Enable DHCP snooping for VLANs.ip arp inspection vlan 1Enable ARP inspection for VLANs.interface f0/1Enter configuration mode for a trusted interface (e.g. the real DHCP server for your network)ip dhcp snooping trustSet the interface as a trusted interface for DHCP snooping. (All interfaces are untrusted by default)
No comments to display
No comments to display