RE: DHCP

(1) Possible options to Identify if a Windows DHCP is running on a vlan
segment from a layer2 or layer3 device in same/different segment.

Plug a desktop or laptop onto the network segment where you want to check
for rogue dhcp servers. Turn on a sniffer on the desktop/laptop before you
do so. You should see DHCPDISCOVER and DHCPOFFER frames appear. If there are
multiple DHCP servers on the segment, it should show you multiple DHCPOFFER
frames.

(2) what config is needed on Router (Gateway) to drop all DHCP request other
than specified windows DHCP Server IP

If you are using catalyst switches between your router and the end user
devices..turn on dhcp snooping. More information given on the link below.

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuratio
n_example09186a00807c4101.shtml#dhcpsnoop

Regards,
Sid
Nobody's really listening, until you make a mistake...

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
ccie99999
Sent: 29 September 2012 13:38
To: Vishal Rane
Cc: ccielab_at_groupstudy.com
Subject: Re: DHCP

maybe an acl with deny udp any any eq bootps log and a permit only for the
dhcp server?

is this enough?

other ideas?

On Sat, Sep 29, 2012 at 5:43 AM, Vishal Rane
<vishal.rane_at_hotmail.co.in>wrote:

> Hello Experts
>
> Looking for solutions on DHCP query
>
> (1) Possible options to Identify if a Windows DHCP is running on a
> vlan segment from a layer2 or layer3 device in same/different segment.
>
> (2) what config is needed on Router (Gateway) to drop all DHCP request
> other than specified windows DHCP Server IP
>
>
> cheers
> Vishal
>
>
> Blogs and organic groups at http://www.ccie.net
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

--
@ccie99999
Blogs and organic groups at http://www.ccie.net