DHCP S
NOOPING
3-229
Additional considerations when the switch itself is a DHCP client
–
The port(s) through which the switch submits a client request to the
DHCP server must be configured as trusted. Note that the switch will not
add a dynamic entry for itself to the binding table when it receives an ACK
message from a DHCP server. Also, when the switch sends out DHCP
client packets for itself, no filtering takes place. However, when the switch
receives any messages from a DHCP server, any packets received from
untrusted ports are dropped.
DHCP Snooping Configuration
Command Attributes
•
DHCP Snooping Status
– Enables or disables DHCP snooping
globally.
•
DHCP Snooping MAC-Address Verification
– Enables or disables
MAC address verification. DHCP packets will be dropped if the source
MAC address in the Ethernet header of the packet is not same as the
client’s hardware address in the DHCP packet.
Web
– Click DHCP Snooping, Configuration.
Figure 3-106. DHCP Snooping Configuration
CLI
– This example first enables DHCP Snooping, and then enables
DHCP Snooping MAC-Address Verification.
Console(config)#ip dhcp snooping
4-223
Console(config)#ip dhcp snooping verify mac-address
4-227
Console(config)#
Summary of Contents for 6152L2
Page 2: ......
Page 18: ...TABLES xiv ...
Page 32: ...INTRODUCTION 1 10 ...
Page 46: ...INITIAL CONFIGURATION 2 14 ...
Page 185: ...PORT CONFIGURATION 3 139 Figure 3 61 Displaying Etherlike and RMON Statistics ...
Page 249: ...QUALITY OF SERVICE 3 203 Figure 3 90 Configuring Policy Maps ...
Page 290: ...CONFIGURING THE SWITCH 3 244 ...
Page 303: ...COMMAND GROUPS 4 13 VC VLAN Database Configuration ...
Page 434: ...COMMAND LINE INTERFACE 4 144 ...
Page 568: ...TROUBLESHOOTING B 4 ...
Page 581: ......