Manualshelf

CLI Reference Guide-R05

ManualsBrandsEdgecore Networks ManualsEnterpriseL2 Gigabit Ethernet Carrier Grade Switch
301302303304305306307308309310
Table Of Contents
Chapter 9
| General Security Measures
DHCP Snooping
– 304 –
show web-auth
summary
This command displays a summary of web authentication port parameters and
statistics.
Command Mode
Privileged Exec
Example
Console#show web-auth summary
Global Web-Auth Parameters
System Auth Control : Enabled
Port Status Authenticated Host Count
---- ------ ------------------------
1/ 1 Disabled 0
1/ 2 Enabled 8
1/ 3 Disabled 0
1/ 4 Disabled 0
1/ 5 Disabled 0
.
.
.
DHCP Snooping
DHCP snooping allows a switch to protect a network from rogue DHCP servers or
other devices which send port-related information to a DHCP server. This
information can be useful in tracking an IP address back to a physical port. This
section describes commands used to configure DHCP snooping.
Table 58: DHCP Snooping Commands
Command Function Mode
ip dhcp snooping Enables DHCP snooping globally GC
ip dhcp snooping information
option
Enables or disables the use of DHCP Option 82
information, and specifies frame format for the remote-id
GC
ip dhcp snooping information
policy
Sets the information option policy for DHCP client
packets that include Option 82 information
GC
ip dhcp snooping information
option encode no-subtype
Disables use of sub-type and sub-length for the
CID/RID in Option 82 information
GC
ip dhcp snooping information
option remote-id
Sets the remote ID to the switch’s IP address, MAC
address, arbitrary string, TR-101 compliant node
identifier, or removes VLAN ID from the end of the TR101
field
GC
ip dhcp snooping information
policy
Sets the information option policy for DHCP client
packets that include Option 82 information
GC
ip dhcp snooping verify mac-
address
Verifies the client’s hardware address stored in the DHCP
packet against the source MAC address in the Ethernet
header
GC
ip dhcp snooping vlan Enables DHCP snooping on the specified VLAN GC