DHCP snooping is a security feature for filtering untrusted DHCP messages, and can protect clients on the network from peering up with an unauthorized DHCP server. When enabled, it builds a table of MAC address, IP address, lease time, binding type, and interface information .
There is also an important difference between trusted and untrusted interfaces when talking about DHCP snooping. . An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network. Read the rest of this entry »