*Good day guys,
I was looking for some clarification on when the "no ip dhcp snooping
information option" command is required (to get task points) and when it
isn't.
There are two workarounds to the option 82 issue:
1. no ip dhcp snooping information option - SW
2. a. (globally) ip dhcp relay information trust-all - IOS DHCP Server
b. (interface) ip dhcp relay information trusted - IOS DHCP Server
Now the scenarios:
Scenario#1 - IPSG*
*NO ip dhcp snooping information option* - REQUIRED per Yusuf ex 8.4 Lab #
2 and Yusuf L2 Security presentation page 74
*Scenario#2 - IPSG + mac-address validation (port-security)
*
*ip dhcp snooping information option* - REQUIRED per
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swdhcp82.html#wp1294425and
Yusuf L2 Security presentation page 74
*ip dhcp relay information trusted* - REQUIRED
*Scenario#3 - DAI*
*NO ip dhcp snooping information option* - REQUIRED per Yusuf L2 Security
presentation page 59
*Are these correct? Am I missing anything?
Thanks for you assistance!!!
--
Ernesto Gonzalez G.*
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
