DHCP Snooping

DHCP snooping is a security feature of switches that filters DHCP messages received on ‘untrusted’ ports. Typically, uplink ports (those that lead towards the DHCP server) are configured as ‘trusted’, while downlink ports are left untrusted.

Filtering, in this case, does not necessarily mean discarding packets; it means inspecting DHCP traffic. Through DHCP snooping, devices can mitigate DHCP starvation and DHCP poisoning attacks by preventing fraudulent DHCP messages from entering the network.
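
A simplified model of the per-port inspection described above, added here as an illustration; it is not from the original page or any vendor's implementation. The port names, addresses, the Frame and Snooper names, and the three checks shown (server messages on untrusted ports, chaddr versus source MAC, release/decline versus the learned binding) are assumptions reflecting commonly implemented snooping checks.

```python
from dataclasses import dataclass
# Simplified model for illustration; names and checks are assumptions.
SERVER_MSGS = {"OFFER", "ACK", "NAK"}  # sent only by DHCP servers

@dataclass
class Frame:
    port: str          # ingress switch port
    src_mac: str       # Ethernet source MAC
    msg_type: str      # DHCP message type (option 53)
    chaddr: str        # client hardware address in the DHCP payload
    yiaddr: str = ""   # address offered/assigned by a server

class Snooper:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.pending = {}    # chaddr -> port the client request arrived on
        self.bindings = {}   # chaddr -> (IP, client port), from trusted ACKs

    def inspect(self, f):
        """Return (verdict, reason) for one DHCP frame."""
        if f.port in self.trusted:
            if f.msg_type == "ACK" and f.chaddr in self.pending:
                self.bindings[f.chaddr] = (f.yiaddr, self.pending.pop(f.chaddr))
            return ("forward", "trusted port")
        if f.msg_type in SERVER_MSGS:
            return ("drop", "server message on untrusted port")
        if f.src_mac != f.chaddr:
            return ("drop", "chaddr does not match source MAC")
        bound = self.bindings.get(f.chaddr)
        if f.msg_type in {"RELEASE", "DECLINE"} and bound and bound[1] != f.port:
            return ("drop", "lease bound to another port")
        if f.msg_type in {"DISCOVER", "REQUEST"}:
            self.pending[f.chaddr] = f.port
        return ("forward", "client message passed checks")

def run_sample():
    """Constructed traffic: uplink Gi0/24 trusted, access ports untrusted."""
    sw = Snooper(trusted_ports={"Gi0/24"})
    a, b = "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:02"
    frames = [
        Frame("Gi0/1", a, "DISCOVER", a),
        Frame("Gi0/2", b, "OFFER", a, "198.51.100.66"),       # fraudulent offer
        Frame("Gi0/24", "cc:cc:cc:00:00:03", "OFFER", a, "192.0.2.10"),
        Frame("Gi0/1", a, "REQUEST", a),
        Frame("Gi0/24", "cc:cc:cc:00:00:03", "ACK", a, "192.0.2.10"),
        Frame("Gi0/2", b, "DISCOVER", "de:ad:00:00:00:01"),   # chaddr mismatch
        Frame("Gi0/2", a, "RELEASE", a),                      # wrong port
    ]
    return [sw.inspect(f)[0] for f in frames], sw.bindings
```

The sample shows that a trusted uplink passes server replies untouched, while the same OFFER arriving on an access port is dropped, and that only leases confirmed through the trusted port enter the binding table.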
