What is DHCP snooping and its benefits?

DHCP is a security feature that act like a firewall in between untrusted  hosts and trusted Dhcp servers

DHCP snooping enables the switching device, which can be either a switch or a router, to monitor DHCP messages received from untrusted devices connected to the switching device.

DHCP snooping is a technique where we configure our switch to listen in on DHCP traffic.The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients. 

DHCP snooping is a layer2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients. Rogue DHCP servers are often used in man in the middle or denial of service attacks for malicious purposes. However, the most common DoS scenario is that of an end-user plugging in a consumer-grade router at their desk, ignorant that the device they plugged in is a DHCP server by default.

DHCP snooping is layer2 security technology built into the operating system of a capable network switch that drop DHCP traffic determined to be unacceptable the fundamental use case for DHCP snooping is to prevent unauthorized DHCP server offering ip addresses to DHCP client  

DHCP snooping is a series of layer2 techniques that ensures IP integrity on a Layer2 switched domain. It works with information from a DHCP server to:

• Track the physical location of hosts.
• Ensure that hosts only use the IP addresses assigned to them.
• Ensure that only authorized DHCP servers are accessible.

With DHCP snooping, only a whitelist of IP addresses may access the network. The whitelist is configured at the switch port level, and the DHCP server manages the access control. Only specific IP addresses with specific MAC addresses on specific ports may access the IP network.

DHCP snooping can also prevent attackers from adding their own DHCP servers to the network. An attacker-controlled DHCP server (Rogue DHCP) could cause malfunction of the network or even control it.

DHCP snooping is an important component in the defense against ARP spoofing. ARP security checks the IP address in the Source Protocol Address field of ARP packets. If that IP address is not an address that DHCP snooping has recorded as being in use by a host connected to the ingress port of the ARP, then the ARP packet is dropped.

DHCP snooping is a security technology that drops dhcp traffic determined to be unacceptable.  It's benefit is to prevent rogue dhcp server from offering IP addresses to DHCP clients.