Figure 23-3 DHCP snooping port types
The Switch monitors DHCP packets for terminals connected to untrusted ports, and
excludes the following types of access:
Suppressing IP address release requests from terminals not registered in the DB
The Switch discards IP address release requests received on untrusted ports from
terminals not registered in the DB. This allows the suppressing of IP address release
requests from terminals for which IP addresses have not been assigned by
authorized DHCP servers.
Discarding DHCP packets sent from DHCP servers
The Switch monitors DHCP packets received on untrusted ports, and discards the
packets sent from DHCP servers. This prevents untrusted DHCP servers from
handing out IP addresses.
The following figure provides an overview of DHCP packet monitoring.
23 DHCP Snooping
407