Filter
Top Products
xStack
®
DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual
201
25
DHCP SERVER SCREENING COMMANDS
The DHCP Server Screening Commands in the Command Line Interface (CLI) are listed (along with the appropriate
parameters) in the following table.
The DHCP Server Screening commands allow you not only to restrict all DHCP Server packets but also to receive any
specified DHCP server packets by any specified DHCP client, it is useful when one or more than one DHCP servers are
present on the network and both provide DHCP services to different distinct groups of clients. Enabling the DHCP filter for
the first time will create both an access profile and access rule per port, following this other access rules can be created.
These rules are used to block all DHCP server packets. Similarly, the addition of a permit DHCP entry will create one
access profile and one access rule the first time the DHCP client MAC address is the client MAC address, and the Source
IP address is the same as the DHCP server’s IP address (UDP port number 67). These rules are used to permit the
DHCP server packets with specific fileds, which the user configures.
When the DHCP Server filter function is enabled, all DHCP Server packets will be filtered from a specific port. Also, you
are allowed to create entries for specific port-based Server IP address and Client MAC address binding entries. Be aware
that the DHCP Server filter function must be enabled first. Once all settings are complete, all DHCP Server packets will
be filtered from a specific port except those that meet the Server IP Address and Client MAC Address binding.
Command Parameters
config filter dhcp_server [add permit server_ip <ipaddr> {client_mac <macaddr>} ports [<portlist>|all] |
delete permit server_ip <ipaddr> {client_mac <macaddr>} ports [<portlist>|all] |
ports [<portlist>|all] state [enable|disable]]
show filter dhcp_server
config filter dhcp_server trap_log [enable | disable]
config filter dhcp_server
illegal_server_log_suppress_duration
[ 1min | 5min | 30min ]
Each command is listed in detail in the following sections.
config filter dhcp_server
Purpose DHCP server packets except those that have been IP/client MAC bound will be filtered. This
command is used to configure the state of the function for filtering of DHCP server packet and
to add/delete the DHCP server/client binding entry.
Syntax
config filter dhcp_server [add permit server_ip <ipaddr> {client_mac <macaddr>} ports
[<portlist>|all] | delete permit server_ip <ipaddr> {client_mac <macaddr>} ports
[<portlist>|all] | ports [<portlist>|all] state [enable|disable]]
Description This command has two purposes: to filter all DHCP server packets on the specified port(s)
and to allow some DHCP server packets to be forwarded if they are on the pre-defined server
IP address/MAC address binding list. Thus the DHCP server can be restricted to service a
specified DHCP client. This is useful when there are two or more DHCP servers present on a
network.
Parameters
ipaddr – The IP address of the DHCP server to be filtered.
macaddr – The MAC address of the DHCP client.