Download Print this page

Configuring Authorized Server Addresses; Using Dhcp Snooping With Option 82 - HP 2530 Manual Supplement

Hide thumbs Also See for 2530:

Installation and getting started manual (93 pages)

,

Quick setup manual (9 pages)

,

Installation and getting started manual (101 pages)

Table Of Contents

Table of Contents

Advertisement

Example 4 Setting trusted ports

HP Switch(config)# dhcp-snooping trust 5-6

HP Switch(config)# show dhcp-snooping

DHCP Snooping Information

DHCP Snooping

Enabled Vlans

Verify MAC

Option 82 untrusted policy : drop

Option 82 Insertion

Option 82 remote-id

Store lease database : Not configured

Port

Trust

----- -----

5

Yes

6

Yes

7

Yes

DHCP server packets are forwarded only if received on a trusted port; DHCP server packets received

on an untrusted port are dropped. Use the no form of the command to remove the trusted

configuration from a port.

Configuring authorized server addresses

If authorized server addresses are configured, a packet from a DHCP server must be received on

a trusted port AND have a source address in the authorized server list to be considered valid. If

no authorized servers are configured, all servers are considered valid. You can configure up to

20 authorized servers.

To configure a DHCP authorized server address, enter this command in the global configuration

context:

HP Switch(config)# dhcp-snooping authorized-server <ip-ad>

Example 5 Authorized servers for DHCP snooping

HP Switch(config)# show dhcp-snooping

DHCP Snooping Information

DHCP Snooping

Verify MAC

Option 82 untrusted policy : drop

Option 82 Insertion

Option 82 remote-id

Authorized Servers

---------------------

111.222.3.4

10.0.0.11

Using DHCP snooping with Option 82

DHCP adds Option 82 (relay information option) to DHCP request packets received on untrusted

ports by default. (See "Configuring DHCP Relay" in the HP Switch Software Multicast and Routing

Guide for more information on Option 82.)

When DHCP is enabled globally and also enabled on a VLAN, and the switch is acting as a DHCP

relay, the settings for the DHCP relay Option 82 command are ignored when snooping controls

Option 82 insertion. Option 82 inserted in this way allows the association of the client's lease

10

Updates for the HP Switch Software Access Security Guide

: Yes

: 4

: Yes

: Yes

: mac

: Yes

: No

: Yes

: subnet-ip

Table of Contents

Show Quick Links

Hide quick links:

Advertisement

Table of Contents