IP Phones as PC can use the DHCP to retrieve an IP configuration(IP Address, netmask, default gateway, DNS, TFTP, …). therefore, if an attacker is able to interfere with DHCP, he might be able to conduct a Denial-of-Service (DoS) attack and prevent IP Phones from operating correclty.

DHCP snooping works to prevent an intruder from interfering with DHCP operations by filtering malicious DHCP messages and by creating a DHCP snooping binding table. The table contains information such as mac-address, IP addresses, DHCP lease time and VLAN port information for clients on untrusted ports.