Switch Recommendation to prevent "rogue" DHCP?

- S
- Steve Ames
  
  Contact options for registered users
posted
18 years ago

Wed, May 11, 2005 5:08 PM

In my switch closets I have 2948-XL switches. Recently we've had a rash of people plugging devices into the network that act as DHCP servers. Naturally this causes all sorts of conflicts and has to be tracked down and stopped each time it occurs.

I've been unable to find a solution to this problem using my 2948-XL switches (i.e. a way to only allow dhcp responses from our actual dhcp server)... so it looks like its time for replacements. Can anyone recommend a switch that supports this feature (cisco calls it DHCP snooping I think),

48 ports+ 10/100 ports and VLAN capability (port + trunking). Bonus points if its not too pricey (obviously cost is a real issue or I wouldn't still be using 2948s).

Many thanks in advance!

-Steve

Loading thread data ...

- D
- dmcollin
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Wed, May 11, 2005 8:41 PM

- E
- Erik Tamminga
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Sun, May 15, 2005 1:15 PM

Hi,

On Catalyst 2950 switches you should be able to setup IP Access-lists that filter DHCP messages on ports connected to desktops. The 2950 series is what replaced the 2900xl series switches. I'm not sure though if you need the enhanced feature set in order to configure these ip access-lists.

Erik

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.