Netgear M6100 – Campus Edge and SMB Core Chassis Switches Guía De Administador
Security Management
392
Managed Switches
Find a Rogue DHCP Server
If you enable DHCP snooping, you can find a rogue DHCP server in the network.
CLI: Find a Rogue DHCP server
1.
Check the statistics on the untrusted ports.
(NETGEAR) #show ip dhcp snooping statistics
Interface MAC Verify
Client Ifc
DHCP Server
Failures
Mismatch
Msgs Rec'd
-----------
----------
----------
-----------
1/0/1
0 0 0
1/0/2
0 0 0
1/0/3
0 0 0
1/0/4
0 0 0
1/0/5
0 0 0
1/0/6
0 0 0
1/0/7
0 0 0
1/0/8
0 0 0
1/0/9
0 0 0
1/0/10 0 0 0
1/0/11 0 0 0
1/0/12 0 0 0
1/0/13 0 0 0
1/0/14 0 0 0
1/0/15 0 0 0
1/0/16 0 0 0
1/0/17 0 0 0
1/0/18 0 0 0
1/0/19 0 0 0
1/0/20 0 0 0
1/0/21 0 0 0
1/0/22 0 0 0
1/0/23 0 0 0
1/0/24 0 0 0
1/0/25 0 0 0
1/0/26 0 0 0
1/0/27
3704
0
4634
In the previous command output, the messages in the DHCP Server Msgs Rec’d column
for port 1/0/27 increased, indicating that the port is connected to a rogue DHCP server.
for port 1/0/27 increased, indicating that the port is connected to a rogue DHCP server.