Planet Technology SGSW-2840 Switch User Manual

Open as PDF

of 688

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

486

5.13.4 DHCP Snooping Commands

DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port-related

information to a DHCP server. This information can be useful in tracking an IP address back to a physical port. This section

describes commands used to configure DHCP snooping.

Command Function Mode

ip dhcp snooping Enables DHCP snooping globally GC

ip dhcp snooping vlan Enables DHCP snooping on the specified VLAN GC

ip dhcp snooping trust Configures the specified interface as trusted IC

ip dhcp snooping

verifymac-address

Verifies the client’s hardware address stored in the DHCP

packet against the source MAC address in the Ethernet header

ip dhcp snoopinginformation

option

Enables or disables DHCP Option 82 information relay GC

ip dhcp snoopinginformation

policy

Sets the information option policy for DHCP client packets

thatinclude Option 82 information

show ip dhcp snooping Shows the DHCP snooping configuration settings PE

show ip dhcp snoopingbinding Shows the DHCP snooping binding table entries PE

Table 5-44 DHCP Snooping Commands

ip dhcp snooping

This command enables DHCP snooping globally. Use the no form to restore the default setting.

Syntax

[no] ip dhcp snooping

Default Setting

Disabled

Command Mode

Global Configuration

Command Usage

Network traffic may be disrupted when malicious DHCP messages are received from an outside source. DHCP snooping

is used to filter DHCP messages received on an unsecure interface from outside the network or firewall. When DHCP

snooping is enabled globally by this command, and enabled on a VLAN interface by the ip dhcp snooping vlan command

(page 4-148), DHCP messages received on an untrusted interface (as specified by the no ip dhcp snooping trust

command, page 4-149) from a device not listed in the DHCP snooping table will be dropped.

When enabled, DHCP messages entering an untrusted interface are filtered based upon dynamic entries learned via

DHCP snooping.

Table entries are only learned for untrusted interfaces. Each entry includes a MAC address, IP address, lease time, VLAN

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Planet Technology SGSW-2840 Switch User Manual