Manualshelf

Installation manual

ManualsBrandsSignaMax ManualsComputer equipmentF0-065-1200 Series
161162163164165166167168169170
3-117
SIGNAMAX LLC • www.signamax.eu
- If a DHCP packet is from server is received on a trusted port, it will be forwarded to
both trusted and untrusted ports in the same VLAN.
- If the DHCP snooping is globally disabled, all dynamic bindings are removed from the
binding table.
- Additional considerations when the switch itself is a DHCP client The port(s) through
which the switch submits a client request to the DHCP server must be configured as
trusted. Note that the switch will not add a dynamic entry for itself to the binding table
when it receives an ACK message from a DHCP server. Also, when the switch sends
out DHCP client packets for itself, no filtering takes place. However, when the switch
receives any messages from a DHCP server, any packets received from untrusted
ports are dropped.
Configuring DHCP Snooping
Use the DHCP Snooping Configuration page to enable DHCP Snooping globally on the
switch, or to configure MAC Address Verification.
Command Attributes
DHCP Snooping Status – Enables DHCP snooping globally. (Default: Disabled)
DHCP Snooping MAC-Address Verification – Enables or disables MAC address
verification. If MAC address verification is enabled, and the source MAC address in the
Ethernet header of the packet is not same as the client's hardware address in the DHCP
packet, the packet is dropped.
Web – Click DHCP Snooping, Configuration. Select the required options and click Apply.
Figure 3-69 DHCP Snooping Configuration
CLI – This example first enables DHCP Snooping, and then enables DHCP Snooping
MAC-Address Verification.
Console(config)#ip dhcp snooping 4-163
Console(config)#ip dhcp snooping verify mac-address 4-166
Console(config)#