Support User Manuals

Brocade Communications Systems 6910 Switch User Manual

Open as PDF

of 80

42 Brocade 6910 Ethernet Access Switch MIB Reference

53-1002582-01

Dynamic Host Configuration Protocol

Dynamic ARP Inspection Interface configuration table

Dynamic Host Configuration Protocol

Dynamic Host Configuration Protocol (DHCP) snooping enables the device to filter untrusted DHCP

packets in a subnet. DHCP snooping can prevent man-in-the-middle (MiM) attacks, such as a

malicious user who is posing as a DHCP server and is sending false DHCP server reply packets with

the intention of misdirecting other users. It can also stop unauthorized DHCP servers and prevent

errors due to misconfiguration of DHCP servers.

SNMP DHCP snooping MIB objects describes how to configure the DHCP snooping feature using

SNMP. It consists of the following:

• fdryDhcpSnoopGlobalClearOper: A scalar used to clear all entries in the DHCP binding

database

• fdryDhcpSnoopVlanConfigTable: A table that provides the mechanism to control DHCP

snooping per VLAN. When a VLAN is created on a device that supports this table, a

corresponding entry of this table will be added.

• fdryDhcpSnoopIfConfigTable: A table that provides the mechanism to configure the trust state

for DHCP snooping at each physical interface.

• fdryDhcpSnoopBindTable: A table that provides the information for DHCP snooping binding

database learned by the device. The DHCP binding database is integrated with the enhanced

ARP table. It contains the information of a DHCP entry, such as IP address, MAC address, type,

state, port, VLAN ID, and lease time. (To be provided at a later date.)

Name, Identifier, and Syntax Access Description

fdryDaiIfConfigTable

brcdIp.1.1.3.35.2.1

N/A This table allows you to configure the trust state for

Dynamic ARP Inspection at each physical interface.

fdryDaiIfConfigEntry

brcdIp.1.1.3.35.2.1.1

N/A A row in the fdryDaiConfigTable. Each row contains the

configuration to enable or disable the trust state for

Dynamic ARP Inspection at each physical interface

capable of this feature.

fdryDaiIfTrustValue

brcdIp.1.1.3.35.2.1.1.1

Syntax: TruthValue

Read-write This object indicates whether the interface is trusted

for Dynamic ARP Inspection.

If this object is set to 'true', the interface is trusted. ARP

packets coming to this interface will be forwarded

without being checked.

If this object is set to “false”, the interface is not

trusted. ARP packets received on this interface will be

subjected to ARP inspection.

previous next