DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
185
18-20
ip dhcp snooping server-screen
This command is used to enable or disable DHCP server screening.
ip dhcp snooping server-screen [
SERVER-IP-ADDRESS
[profile
PROFILE-NAME
]]
no ip dhcp snooping server-screen [
SERVER-IP-ADDRESS
]
Parameters
SERVER-IP-ADDRESS
(Optional) Specifies the trust DHCP sever IP address.
profile
PROFILE-NAME
(Optional) Specifies the profile with the client MAC address list for
the DHCP sever.
Default
None.
Command Mode
Interface Configuration Mode.
Command Default Level
Level: 12.
Usage Guideline
The DHCP server screening function is used to filter the DHCP server packets on the specific
interface and receive the trust packets from the specific source. This feature can make a protected
network usable when a malicious host sends DHCP server packets.
If the server IP address is not specified, it will enabled or disabled the DHCP server screen on the
interface. By default, the DHCP server screen is disabled on all interfaces. If enabled, the DHCP
server screen, on a specific interface, will filter all DHCP server packets from the interface and only
forward trusted server packets.
If a server screen entry is defined with a profile that contains a client MAC address, then the server
message with the server IP address and the client addresses contained in the profile is forwarded.
If an entry
is defined without the client’s MAC address, then the server message with the specified
server IP address will be forwarded. Each server can only have one corresponding entry in the table.
If the entry is defined with a profile but the entry does not exist, then messages with the server IP
specified by the entry are not forwarded.
Example
This example shows how to configure
a DHCP server screen profile named “campus-profile” and
associate it with a DHCP server screen entry for port eth2/0/3.
Switch# configure terminal
Switch(config)# dhcp-server-screen profile campus-profile
switch(config-dhcp-server-screen)# based-on hardware-address 00-08-01-02-03-04
switch(config-dhcp-server-screen)# based-on hardware-address 00-08-01-03-00-01
switch(config-dhcp-server-screen)# exit
switch(config)# interface eth2/0/3
switch(config-if)# ip dhcp snooping server-screen 10.1.1.2 profile campus-profile
switch(config-if)#
18-21
ip dhcp snooping server-screen log-buffer
This command is used to configure the DHCP server screen log buffer parameter. Use the
no
form of
this command to revert to the default setting.
Summary of Contents for DGS-1510 Series
Page 1: ...1 0 ...
Page 27: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 24 ...
Page 281: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 278 ...
Page 336: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 333 ...
Page 475: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 472 ...
Page 695: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 692 ...