Figure 3-5 Networking Diagram For Preventing The Attacker From Sending Bogus Dhcp Messages For Extending Ip - Huawei Quidway S9300 Configuration Manual
Terabit routing switch
Hide thumbs
Also See for Quidway S9300:
- Configuration manual - network management (630 pages) ,
- Configuration manual (603 pages) ,
- Configuration manual - multicast (262 pages)
Table of Contents
Advertisement
Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
Figure 3-5 Networking diagram for preventing the attacker from sending bogus DHCP messages
for extending IP address leases
S9300
Configuration Roadmap
The configuration roadmap is as follows:
1.
2.
3.
4.
Data Preparation
To complete the configuration, you need the following data:
l
l
l
Procedure
Step 1 Enable DHCP snooping.
# Enable DHCP snooping globally.
Issue 06 (2010–01–08)
ISP network
L2 network
GE1/0/0
GE2/0/0
User network
Enable DHCP snooping globally and on the interface.
Use the operation mode of the DHCP snooping binding table to check DHCP Request
messages.
Configure the packet discarding alarm function.
Configure the Option 82 function and create a binding table that contains information about
the interface.
ID of the VLAN that each interface belongs to
Static IP addresses from which packets are forwarded
Alarm threshold
NOTE
This configuration example provides only the commands related to the DHCP snooping configuration.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
3 DHCP Snooping Configuration
L3 network
DHCP relay
DHCP server
3-37
Advertisement
Chapters
Table of Contents
