Application Environment Of Trusted Ports - H3C S5120-SI Series Configuration Manual

•
Ports that connect to DHCP clients
•
VLANs to which the ports belong

Application environment of trusted ports

Configuring a trusted port connected to a DHCP server
Figure 13 Configure trusted and untrusted ports
As shown in Figure 13, a DHCP snooping device's port that is connected to an authorized DHCP server
should be configured as a trusted port. The trusted port forwards reply messages from the authorized
DHCP server to the client, but the untrusted port does not forward reply messages from the unauthorized
DHCP server. This ensures that the DHCP client obtains an IP address from the authorized DHCP server.
Configuring trusted ports in a cascaded network
In a cascaded network involving multiple DHCP snooping devices, the ports connected to other DHCP
snooping devices should be configured as trusted ports.
To save system resources, you can disable the trusted ports, which are indirectly connected to DHCP
clients, from recording clients' IP-to-MAC bindings upon receiving DHCP requests.
47