DHCP snooping configuration examples
Basic DHCP snooping configuration example
Network requirements
As shown in
port and configure other ports as untrusted ports. Enable DHCP snooping to record clients' IP-MAC
bindings by reading DHCP-ACK messages received from the trusted port and DHCP-REQUEST
messages.
Figure 29 Network diagram
Configuration procedure
# Enable DHCP snooping.
<SwitchB> system-view
[SwitchB] dhcp snooping enable
# Configure FortyGigE 1/1/1 as a trusted port.
[SwitchB] interface FortyGigE 1/1/1
[SwitchB-FortyGigE1/1/1] dhcp snooping trust
[SwitchB-FortyGigE1/1/1] quit
# Enable DHCP snooping to record clients' IP-MAC bindings on FortyGigE 1/1/2.
[SwitchB] interface FortyGigE 1/1/2
[SwitchB-FortyGigE1/1/2] dhcp snooping binding record
[SwitchB-FortyGigE1/1/2] quit
Verifying the configuration
After the preceding configuration is complete, the DHCP client can obtain an IP address and other
configuration parameters only from the authorized DHCP server. You can display the DHCP snooping
entry recorded for the client with the display dhcp snooping binding command.
Option 82 configuration example
Network requirements
As shown in
Figure
29, configure the port FortyGigE1/1/1 connected to the DHCP server as a trusted
Figure
30, enable DHCP snooping and configure Option 82 on Switch B as follows:
77