Create Date: Jun 21 2013 10:59AM
I want to implement DHCP snooping.
My network topology is quite simple, core switch with multiple edge switches.
I am already using bootprelay on the core switch to forward dhcp request from several vlans to the one with the dhcp server.
i would now like to enable dhcp-snooping to prevent unauthorized dhcp servers appearing on the network.
i enabled dhcp snooping for one vlan but it quickly blocked the edge switch because of the bootp relay requests.
can i just add the core switch as a trusted dhcp server as well as the actual dhcp server, or should i be looking at trusting the uplink port on the edge switch. I think trusting the uplink port would be silly though because i am effectively (on that switch) trusting dhcp servers on any other switch .
Please correct me if i'm wrong, i would like to hear your suggestions