Enabling Dhcp Snooping And Option 82 - Cisco Catalyst 2960-X Security Configuration Manual
Cisco ios release 15.0(2)ex
Hide thumbs
Also See for Catalyst 2960-X:
- Command reference manual (135 pages) ,
- Hardware installation manual (34 pages) ,
- Getting started manual (25 pages)
Table of Contents
Advertisement
Enabling DHCP Snooping and Option 82
• You must configure the switch to use the Cisco IOS DHCP server binding database to use it for DHCP
• To use the DHCP snooping option of accepting packets on untrusted inputs, the switch must be an
• The following prerequisites apply to DHCP snooping binding database configuration:
• Before configuring the DHCP relay agent on your switch, make sure to configure the device that is
• If you want the switch to relay DHCP packets, the IP address of the DHCP server must be configured
• If a switch port is connected to a DHCP server, configure a port as trusted by entering the ip dhcp
• If a switch port is connected to a DHCP client, configure a port as untrusted by entering the no ip dhcp
Related Topics
DHCP Snooping, on page 210
Enabling DHCP Snooping and Option 82
Follow these steps to enable DHCP snooping on the switch:
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
222
snooping.
aggregation switch that receives packets with option-82 information from an edge switch.
◦ You must configure a destination on the DHCP snooping binding database to use the switch for
DHCP snooping.
◦ Because both NVRAM and the flash memory have limited storage capacity, we recommend that
you store the binding file on a TFTP server.
◦ For network-based URLs (such as TFTP and FTP), you must create an empty file at the configured
URL before the switch can write bindings to the binding file at that URL. See the documentation
for your TFTP server to determine whether you must first create an empty file on the server; some
TFTP servers cannot be configured this way.
◦ To ensure that the lease time in the database is accurate, we recommend that you enable and
configure Network Time Protocol (NTP).
◦ If NTP is configured, the switch writes binding changes to the binding file only when the switch
system clock is synchronized with NTP.
acting as the DHCP server. You must specify the IP addresses that the DHCP server can assign or
exclude, configure DHCP options for devices, or set up the DHCP database agent.
on the switch virtual interface (SVI) of the DHCP client.
snooping trust interface configuration command.
snooping trust interface configuration command.
Configuring DHCP
OL-29048-01
Hide quick links:
Advertisement
Table of Contents
