Task
This task is called Configure DHCP Snopping
Configuration
Task 1 – Configure the R1 to be a DHCP Server. Follow up with confoguration of R1
R1 – Configure Eth0/0 using IP address 1.1.1.1/24
Configure DHCP pool to Vlan 24 on R1
Configure the default route from R1 through SW2 Interface Eth10/0 IP Address 2.1.2.2
Interface Ethernet0/0
ip address 1.1.1.1 255.255.255.0
duplex auto
Auto speed
ip route: 0.0.0.0 0.0.0.0.1.1.11
ip dhcp pool CCNP
network 24.24.24.0 255.255.255.0
default-router 24.24.24.22
Lease 7
Task 2: Configure the SW1 with the Following Configuration
SW1 – Configure Eth1/0 on vlan 1
Configure L3 Vlan 1 on SW1 using the Following Information: Ip Address 1.1.1.11/24 Configure Eth10/0 with an ip address 2.1.2.1/24
Configure Default route Pointing at SW2 Interface eth10/0 IP address 2.1.2.2 Shut down all other ports on SW1 (Eth11/0, eth12/0).
Router IP
Interface Ethernet1/0
Switchport mode access
Portfast for spanning-tree
Interface Ethernet10/0
No switchport
ip address 2.1.2.1 255.255.255.0
!
Interface Vlan1
ip address 1.1.1.11 255.255.255.0
no shut
!
ip classless
ip route 24.24.24.0 255.255.255.0 2.1.2.2
SW1(config)#int eth11/0
SW1(config-if)#shut
SW1(config-if)#int eth12/0
SW1(config-if)#shut
SW2: Configure the interfaces Eth2/0, eth3/0, and eth4/0 in Vlan 24, Configure L2 Vlan 24
Configure int Eth10/0 with ip address 2.1.2.2
Configure Interface Vlan 24 using Following IP 24.24.24.22/24 Configure default route Pointing to 2.1.2.1
Interface Ethernet10/0
No switchport
ip address 2.1.2.2 255.255.255.0
!
Interface Ethernet2/0
Switchport access vlan 24
Switchport mode access
Portfast for spanning-tree
!
Interface Ethernet3/0
Switchport access vlan 24
Switchport mode access
Portfast for spanning-tree
!
Interface Ethernet4/0
Switchport access vlan 24
Switchport mode access
Portfast for spanning-tree
!
Interface Vlan24
24.24.24.22 255.255.255.0
1.1.1.1 ip helper address
no shut
!
ip route 0.0.0.0,0.0.0.0,2.1.2.1
Task 3 – Configure R2 interface eth0/1 to allow it to receive the Ip address of DHCP server. Configure R4 interface eth0/1 to allow it to receive the Ip address of DHCP server
R2(config)#int eth0/1
R2(configif)#ip address Dhcp
R2(config-if)#no shut
R4#sh run int eth0/1
Interface Ethernet0/1
ip address dhcp
End
Any broadcasts sent by Client-R2 and Client-R4 at the moment are flooded by Switch-2, making them visible to all clients and Router-3 (Rogue DHCP server). This means that if Client-R2 sends a broadcast DHCP Discovery packet and a broadcast DHCP request packet, they are visible to all other devices within VLAN-24. This can be verified by following the steps:
You should have two Telnet windows open simultaneously: one window for R2 and another window for R4.
Enter the command debug IP udp port67 on Client-R4. This command will display all IP packets Client-R4 has received. It will also forward them to its CPU with a source or destination UDP port 67 (the DHCP Server Port).
Client-R2 will shut down interface FastEthernet0/1, and then enable it. Client-R4’s debug will show that it has received the DHCP broadcasts.
Client-R4 should be turned off with the command undebug ALL (or just u all).
Task 4 – Completion of the configuration of R3 in Rogue DHCP Server.
Allow the command service dhcp to be enabled
Create a DHCP pool (using the name INE).
Your pool should have IP addresses that are within the correct subnet 24.24.24.0/24. Your pool should be configured so that it offers an incorrect IP address of 24.24.24.33 (the Rogue DHCP server) as the default-router for all DHCP clients.
Your pool should be configured with a DHCP lease time of 7 days.
R3(config)#int eth0/0
R3(configif)#ip address 24.24.24.33 255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit
R3(config.#ip route0.0.0.0 24.24.24.22
service dhcp
ip dhcp pool CCNP
network 24.24.24.0/24
default-router 24.24.24.33
Lease 7
Typically, it is when
