A rogue DHCP server (laptop, careless router) is disturbing the whole network.
DHCP snooping is a switch feature that only lets your real DHCP server hand out leases on the LAN. Without it someone can plug in a router, start their own DHCP and hand half a department wrong IPs, or worse, intercept traffic. Enabling takes five minutes and kills an entire class of incident.
Try this first
- 1Turn DHCP snooping on globally (Aruba, Cisco, UniFi, MikroTik each have their own commands).
- 2Mark the uplink port toward your real DHCP server (firewall or dedicated host) as 'trusted'. All other ports stay 'untrusted'.
- 3Test by attaching a laptop running its own DHCP (dnsmasq) on an access port, other devices on that port should not get a lease from it.
- 4Combine with IP source guard so a client cannot just claim a spoofed IP.
- 5Log snooping violations to SIEM or syslog, you will catch unintended routers (meeting-room hubs, demo gear) early.
When to bring us in
You run many pop-up events with external vendors who bring their own gear: you need a real event VLAN with its own DHCP and strict rules, not ad hoc patches.
See also
- Wi-Fi drops randomly across the officeFirst rule out whether it is the access points or the internet connection itself. Different fix.
- One room or corner has no or bad Wi-FiNot always "add another AP"; often one is poorly positioned, or there is a metal wall in the way.
- Internet is suddenly slow for everyoneThree suspects: your provider, a colleague soaking the line, or a backup or update kicking in unexpectedly.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.