Dhcp Snooping Support For Option 82 - HPE FlexNetwork 10500 Series Configuration Manual
Layer 3-ip services
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Security configuration manual (702 pages) ,
- Network management and monitoring command reference (423 pages)
Table of Contents
Advertisement
Figure 32 Trusted and untrusted ports
DHCP server
Trusted
Untrusted
DHCP client
DHCP reply messages
In a cascaded network as shown in
the DHCP server as trusted ports. To save system resources, you can enable only the untrusted
ports directly connected to the DHCP clients to record DHCP snooping entries.
Figure 33 Trusted and untrusted ports in a cascaded network
DHCP client
Host A
GE1/0/1
DHCP client
Host B
GE1/0/4
DHCP client
Host C
DHCP client
Host D
DHCP snooping support for Option 82
Option 82 records the location information about the DHCP client so the administrator can locate the
DHCP client for security and accounting purposes. For more information about Option 82, see
"Relay agent option (Option
DHCP snooping uses the same strategies as the DHCP relay agent to handle Option 82 for DHCP
request messages, as shown in
82, DHCP snooping removes Option 82 before forwarding the response to the client. If the response
contains no Option 82, DHCP snooping forwards it directly.
DHCP snooping
Untrusted
Unauthorized
DHCP server
DHCP snooping
Switch A
GE1/0/1
GE1/0/2
GE1/0/4
GE1/0/3
GE1/0/3
GE1/0/1
GE1/0/2
DHCP snooping
GE1/0/3
Switch B
82)."
Table
Figure
33, configure the DHCP snooping devices' ports facing
GE1/0/2
GE1/0/1
DHCP snooping
Switch C
Untrusted ports enabled to record snooping entries
Untrusted ports disabled from recording snooping entries
Trusted ports
5. If a response returned by the DHCP server contains Option
91
DHCP server
Device
Advertisement
Table of Contents
Troubleshooting
