I have studied about DHCP Snooping, I am not sure whether my understanding is wrong or not. Please help to verify.
(1)DHCP Snooping maintains a binding table which is either updated manually via CLI or dynamically by examining the DHCPACK message (untrusted host leased an IP address from a TRUSTED DHCP server)
(2)Any packet received at untrusted port which does not match any entry in the binding table will be dropped <--- this functions belongs to DHCP Snooping or IP Source Guard?
So, is that the functions of the DHCP Snooping are:
1) Blocking untrusted DHCP server leases IP to hosts
2) Maintaining the binding table for IP Source Guard and Dynamic ARP Inspection
any more ?
IP Source Guard indeed blocks IP traffic based on the DHCP snooping binding database, or manually configured. DHCP Snooping acts by filtering DHCP responses from rogues servers, and maintains the DHCP snooping binding database that can be used by IP Source Guard and DAI to filter out traffic that does not match the configured bindings.