DHCP option 82

  • This option supports DHCP snooping, a feature of some high-end switches: MikroTik, Juniper, Cisco...

    DHCP snooping permits the switch to block rogue DHCP servers by letting the administrator say which ports are expected to have a valid DHCP server on them so it can drop attempts on other ports to provide bogus information by answering DHCP requests before the legitimate DHCP server can answer. Option 82 encodes information about where DHCP clients are located in the network, which then flows through intermediate DHCP snooping switches, implicitly informing them of this structural information so they can do a better job of blocking rogue DHCP servers.

    I ask for this because while I could let my option 82 aware switches handle the job, I'd rather let the Alien keep that job because there are bad consequences to doing that in the current scheme.

Log in to reply