Switching

 View Only
last person joined: 5 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  dhcp snooping info

    Posted 09-29-2023 18:09

    Hello all.

    I am currently looking at dhcp snooping on EX4300 switches. I have a few questions. If someone plugs in a dhcp server on an untrusted port. Where would I look to find out that something was blocked. Any counters or logs to check that out? Using what commands.

    dhcp snooping is configured under each vlan.  Any easy way to apply the same configuration to large amount of vlans?  Any example?

    Thanks.



    ------------------------------
    YVON LEDUC
    ------------------------------


  • 2.  RE: dhcp snooping info

    Posted 09-30-2023 20:20

    The running statistics are shown with

    show dhcp snooping statistics 

    https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/ref/command/show-dhcp-snooping-statistics-port-security.html

    The current status is monitored with

    show dhcp snooping binding

    https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/ref/command/show-dhcp-snooping-binding-port-security.html



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: dhcp snooping info

    Posted 10-03-2023 16:40

    Hello Steve. 

    The info you provided is when the client receives an address. 

    What I am interested in is more when a rogue dhcp is connected. I found in /var/log/messages entries when the dhcp server is being blocked. Was wondering if a command would show me that some rogue dhcp server was connected and to which port without searching through the logs. I did not see any info in the statistics about blocked answers. 

    Thanks.



    ------------------------------
    YVON LEDUC
    ------------------------------