DHCP Snooping

In computer networking, DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. DHCP servers allocate IP addresses to clients on a LAN. DHCP snooping can be configured on LAN switches to exclude rogue DHCP servers and remove malicious or malformed DHCP traffic. In addition, information on hosts which have successfully completed a DHCP transaction is accrued in a database of "bindings" which may then be used by other security or accounting features. Other features may use DHCP snooping database information to ensure IP integrity on a Layer 2 switched domain. This information enables a network to:

* Track the physical location of IP addresses when combined with AAA accounting or SNMP.
* Ensure that hosts only use the IP addresses assigned to them when combined with source-guard a.k.a. source-lockdown.
* Sanitize ARP requests when combined with arp-inspection a.k.a. arp-protect.
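
The mechanism described above, as an added example that is not part of the original article and is not any vendor's implementation: a toy switch that drops DHCP server replies arriving on untrusted ports, records a binding when a transaction completes, and reuses the bindings for source-guard and ARP-inspection style checks. The class and method names are hypothetical, the ports, MAC and IP addresses are constructed, and the RELEASE check is an assumption that goes slightly beyond the text.

```python
# Toy model of a switch doing DHCP snooping (added example; all names are hypothetical).
from dataclasses import dataclass, field

SERVER_MSGS = {"OFFER", "ACK", "NAK"}  # message types only a DHCP server sends

@dataclass
class SnoopingSwitch:
    trusted_ports: set                            # ports facing legitimate DHCP servers
    bindings: dict = field(default_factory=dict)  # client MAC -> (ip, port)
    pending: dict = field(default_factory=dict)   # client MAC -> port its REQUEST arrived on

    def dhcp(self, port, msg_type, client_mac, ip=None):
        """Return True to forward a DHCP message, False to drop it."""
        if msg_type in SERVER_MSGS:
            if port not in self.trusted_ports:
                return False                      # server reply on an untrusted port: rogue server
            if msg_type == "ACK" and client_mac in self.pending:
                # Transaction completed: record the binding.
                self.bindings[client_mac] = (ip, self.pending.pop(client_mac))
            return True
        if msg_type == "REQUEST":
            self.pending[client_mac] = port
        elif msg_type == "RELEASE":
            bound = self.bindings.get(client_mac)
            if bound is None or bound[1] != port:
                return False                      # release for a lease this port does not hold
            del self.bindings[client_mac]
        return True

    def source_ok(self, port, src_mac, src_ip):
        """Source-guard style check: a frame's MAC/IP/port must match a binding."""
        return port in self.trusted_ports or self.bindings.get(src_mac) == (src_ip, port)

    def arp_ok(self, port, sender_mac, sender_ip):
        """ARP-inspection style check on an ARP packet's sender fields."""
        return self.source_ok(port, sender_mac, sender_ip)

def demo():
    """Replay constructed events: client on port 5, server on trusted port 1, rogue on port 7."""
    sw = SnoopingSwitch(trusted_ports={1})
    mac = "aa:bb:cc:00:00:05"
    results = [
        sw.dhcp(5, "DISCOVER", mac),
        sw.dhcp(7, "OFFER", mac, "10.0.0.66"),    # dropped: port 7 is untrusted
        sw.dhcp(1, "OFFER", mac, "10.0.0.20"),
        sw.dhcp(5, "REQUEST", mac),
        sw.dhcp(1, "ACK", mac, "10.0.0.20"),      # creates the binding
    ]
    return sw, results
```

Calling `demo()` returns the switch and the per-message forward/drop decisions; the binding table it leaves behind is what `source_ok` and `arp_ok` consult.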

