DHCP snooping is used in order to prevent rogue DHCP servers to interfere with the network’s operation. By default DHCP snooping is not enabled.

We had a case on Switch31 that the customer’s DHCP server prevented our internal DHCP server in Banigan VLAN to work properly.

For the switch port that contains the legitimate DHCP server we use the command “dhcp-snooping trust”

For switches that receive DHCP through their uplink ports we make sure that the uplink ports are trusted.

 

For HP switches the following commands solved the problem:

 

# dhcp-snooping

# dhcp-snooping vlan 1 11

# dhcp-snooping trust eth 1