Bayt.com

Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What is DHCP snooping and its benefits?

LAN Network Security Cisco Switches Network Administration Network Management
user-image
Question added by Syed Javed , it consultant , Infosys
Date Posted: 2015/12/26
Upvote (1) Views (12) Followers (7) Answers (7) Report Question
Write an Answer
Register now or log in to answer.
Sooraj.S GeethaBhavan
by Sooraj.S GeethaBhavan , IT Support Officer , HYUNDAI INDIA

DHCP is a security feature that act like a firewall in between untrusted  hosts and trusted Dhcp servers

Farooq Ahmed Khan Farooq Ahmed Khan
by Farooq Ahmed Khan Farooq Ahmed Khan , Purchase/Sales , Shining Horizon Trading Est.

DHCP snooping enables the switching device, which can be either a switch or a router, to monitor DHCP messages received from untrusted devices connected to the switching device.

Muhammad Nadeem Niaz
by Muhammad Nadeem Niaz , Network Engineer , BTGroup

DHCP snooping is a technique where we configure our switch to listen in on DHCP traffic.The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients. 

Adel Ammar Chenna
by Adel Ammar Chenna , concrete batching plant operator , eurl intersud

DHCP snooping is a layer2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients. Rogue DHCP servers are often used in man in the middle or denial of service attacks for malicious purposes. However, the most common DoS scenario is that of an end-user plugging in a consumer-grade router at their desk, ignorant that the device they plugged in is a DHCP server by default.

Pramod Sonu
by Pramod Sonu , Desktop and network engineer , aconnexion bpo services pvt ltd

DHCP snooping is layer2 security technology built into the operating system of a capable network switch that drop DHCP traffic determined to be unacceptable the fundamental use case for DHCP snooping is to prevent unauthorized DHCP server offering ip addresses to DHCP client  

Mohamed Shakil Habib Kasim
by Mohamed Shakil Habib Kasim , Network Admin , Scope E-knowledge pvt ltd

DHCP snooping is a series of layer2 techniques that ensures IP integrity on a Layer2 switched domain. It works with information from a DHCP server to:

  • Track the physical location of hosts.
  • Ensure that hosts only use the IP addresses assigned to them.
  • Ensure that only authorized DHCP servers are accessible.

With DHCP snooping, only a whitelist of IP addresses may access the network. The whitelist is configured at the switch port level, and the DHCP server manages the access control. Only specific IP addresses with specific MAC addresses on specific ports may access the IP network.

DHCP snooping can also prevent attackers from adding their own DHCP servers to the network. An attacker-controlled DHCP server (Rogue DHCP) could cause malfunction of the network or even control it.

DHCP snooping is an important component in the defense against ARP spoofing. ARP security checks the IP address in the Source Protocol Address field of ARP packets. If that IP address is not an address that DHCP snooping has recorded as being in use by a host connected to the ingress port of the ARP, then the ARP packet is dropped.

Sotero Rasay
by Sotero Rasay , IT Support Engineer , King Abdulaziz city for Science and Technology

DHCP snooping is a security technology that drops dhcp traffic determined to be unacceptable.  It's benefit is to prevent rogue dhcp server from offering IP addresses to DHCP clients.

 

Write Your Answer
More Questions Like This

Do you need help in adding the right keywords to your CV? Let our CV writing experts help you.

Get Help