Installation manual
3-118
SIGNAMAX LLC • www.signamax.eu
Configuring VLANs for DHCP Snooping
Use the DHCP Snooping VLAN Configuration page to enable or disable DHCP snooping
on specific VLANs.
Command Usage
• When DHCP snooping is enabled globally on the switch, and enabled on the specified
VLAN, DHCP packet filtering will be performed on any untrusted ports within the VLAN.
• When the DHCP snooping is globally disabled, DHCP snooping can still be configured
for specific VLANs, but the changes will not take effect until DHCP snooping is globally
re-enabled.
• When DHCP snooping is globally enabled, and DHCP snooping is then disabled on a
VLAN, all dynamic bindings learned for this VLAN are removed from the binding table.
Command Attributes
• VLAN ID – ID of a configured VLAN. (Range: 1-4094)
• DHCP Snooping Status – Enables or disables DHCP snooping for the selected VLAN.
Web – Click DHCP Snooping, VLAN Configuration.
Figure 3-70 DHCP Snooping VLAN Configuration
CLI – This example first enables DHCP Snooping for VLAN 1.
Configuring the DHCP Snooping Information Option
DHCP provides a relay mechanism for sending information about the switch and its
DHCP clients to the DHCP server. Known as DHCP Option 82, it allows compatible
DHCP servers to use the information when assigning IP addresses, or to set other
services or policies for clients. It is also an effective tool in preventing malicious network
attacks from attached clients on DHCP services, such as IP Spoofing, Client Identifier
Spoofing, MAC Address Spoofing, and Address Exhaustion.
Console(config)#ip dhcp snooping vlan 1 4-164
Console(config)#