Configure System Clock And Console Timestamps; Configure Dhcp Snooping Security Features; Configure Arp Inspection; Configure Etherchannel Load Balancing - Cisco Catalyst 3850 Manual

Assign Global Configuration Information

Configure System Clock and Console Timestamps

Step 7 Configure a synchronized clock by programming your network devices to synchronize to a local NTP
server in the network.
The local NTP server typically references a more accurate clock feed from an outside source.
ntp server
!
clock timezone PST -8
clock summer-time PDT recurring
Configure console messages, logs, and debug output to provide timestamps on output, which allows
Step 8
cross-referencing of events in a network.
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime

Configure DHCP Snooping Security Features

Enable Dynamic Host Configuration Protocol (DHCP) snooping on the data, voice, and wireless AP
Step 9
VLANs.
The switch intercepts and safeguards DHCP messages within the VLAN. This configuration ensures that
an unauthorized DHCP server cannot allocate addresses to end-user devices.
ip dhcp snooping vlan
no ip dhcp snooping information option
ip dhcp snooping
ip dhcp snooping wireless bootp-broadcast enable

Configure ARP Inspection

ARP inspection is a security feature that prevents ARP spoofing.
Enable Address Resolution Protocol (ARP) inspection on the data, voice, and management VLANs.
Step 10
ip arp inspection vlan

Configure EtherChannel Load Balancing

Set EtherChannels to use the traffic source and destination IP address when calculating which link to
Step 11
send traffic to.
EtherChannel traffic should be balanced across all physical interfaces. The default load-balancing
scheme for EtherChannels is based on the source MAC address.
Best Practice User Guide for the Catalyst 3850 and Catalyst 3650 Switch Series
36
192.168.0.10
10,11,12,100
10,11,100
Global System Configuration