Configuring The Dhcp Server Security Functions; Enabling Unauthorized Dhcp Server Detection - H3C S3610-28P Operation Manual

Operation Manual – DHCP
H3C S3610&S5510 Series Ethernet Switches
Caution:
Be cautious when configuring self-defined DHCP options because such
configuration may affect the DHCP operation process.
When you use self-defined option (Option 51) to configure the IP address lease
duration, convert the lease duration into seconds in hexadecimal notation.

2.6 Configuring the DHCP Server Security Functions

This configuration is necessary to secure DHCP services on the DHCP server.
2.6.1 Configuration Prerequisites
Before performing this configuration, complete the following configuration on the DHCP
server:
Enable DHCP
Configure the DHCP address pool

2.6.2 Enabling Unauthorized DHCP Server Detection

There are unauthorized DHCP servers on networks, which reply DHCP clients with
wrong IP addresses.
With this feature enabled, when receiving a DHCP message with the siaddr field not
being 0 from a client, the DHCP server will record the value of the siaddr field in the
message and the receiving interface. The administrator can use this information to
check out any DHCP unauthorized servers.
Follow these steps to enable unauthorized DHCP server detection:
Enter system view
Enable unauthorized
DHCP server detection
Note:
With the unauthorized DHCP server detection enabled, the device puts a record once
for each DHCP server. The administrator needs to find unauthorized DHCP servers
from the log information.
To do... Use the command...
system-view
dhcp server detect
Chapter 2 DHCP Server Configuration
2-14
Remarks
—
Required
Disabled by default.