35
DHCP relay agent information (DHCP option 82)
Feature
DHCP snooping
Trust setting for ports
Enabling DHCP snooping on a VLAN
DHCP packets for a VLAN with DHCP snooping enabled are inspected.
DHCP snooping is disabled by default. This feature must be enabled on the client and the DHCP
server VLANs. To enable DHCP snooping, enter the following global command for these VLANs.
BigIron RX(config)#ip dhcp snooping vlan 2
The command enables DHCP snooping on VLAN 2.
Syntax: [no] ip dhcp snooping vlan <vlan-number>
The <vlan-number> variable specifies the ID of a configured client or DHCP server VLAN.
Enabling trust on a port
The default trust setting for a port is untrusted. To enable trust on a port connected to a DHCP
server, enter commands such as the following.
BigIron RX(config)#interface ethernet 1/1
BigIron RX(config-if-e10000-1/1)#dhcp snooping trust
Port 1/1 is connected to a DHCP server. The commands change the CLI to the interface
configuration level of port 1/1 and set the trust setting of port 1/1 to trusted.
Syntax: [no] dhcp snooping trust
DHCP relay agent information (DHCP option 82)
DHCP relay agent information (DHCP option 82) can be used to assist DHCP servers to implement
dynamic address policy. When DHCP option 82 is present in DHCP packets, DHCP servers gets
additional information about the clients' identity.
This Brocade device inserts DHCP option 82 when relaying DHCP request packets to DHCP servers,
and deletes option 82 when forwarding server reply packets back to DHCP clients. See the
following figures.
1008
Default
Disabled
Untrusted
BigIron RX Series Configuration Guide
53-1002253-01