Chapter 18 Configuring Dhcp Features; Understanding Dhcp Features; Dhcp Snooping - Cisco WS-C3560-48PS-S Software Configuration Manual
Software configuration guide
Hide thumbs
Also See for WS-C3560-48PS-S:
- Product manual (20 pages) ,
- Hardware installation manual (120 pages)
Table of Contents
Advertisement
Configuring DHCP Features
This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping and
the option-82 data insertion features on the Catalyst 3560 switch.
Note
For complete syntax and usage information for the commands used in this chapter, see the command
reference for this release, and refer to the "IP Addressing and Services" section in the Cisco IOS IP and
IP Routing Command Reference for Release 12.1.
This chapter consists of these sections:
•
•
•
Understanding DHCP Features
DHCP is widely used in LAN environments to dynamically assign host IP addresses from a centralized
server, which significantly reduces the overhead of administration of IP addresses. DHCP also helps
conserve the limited IP address space because IP addresses no longer need to be permanently assigned
to hosts; only those hosts that are connected to the network consume IP addresses.
DHCP Snooping
DHCP snooping is a DHCP security feature that provides network security by filtering untrusted DHCP
messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a
message that is received from outside the network or firewall that can cause traffic attacks within your
network.
The DHCP snooping binding table contains the MAC address, IP address, lease time, binding type,
VLAN number, and interface information that corresponds to the local untrusted interfaces of a switch;
it does not contain information regarding hosts interconnected with a trusted interface. An untrusted
interface is an interface that is configured to receive messages from outside the network or firewall. A
trusted interface is an interface that is configured to receive only messages from within the network.
DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. It also gives you a way
to differentiate between untrusted interfaces connected to the end user and trusted interfaces connected
to the DHCP server or another switch.
78-16156-01
Understanding DHCP Features, page 18-1
Configuring DHCP Features, page 18-3
Displaying DHCP Information, page 18-5
C H A P T E R
Catalyst 3560 Switch Software Configuration Guide
18
18-1
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
