HP ProCurve 6200yl Multicast And Routing Manual page 247

Procurve series switch
Hide thumbs Also See for ProCurve 6200yl:
Table of Contents

Advertisement

Response Packet Content
Valid DHCP server response
packet without an Option 82
field.
The server response packet
carries data indicating a given
routing switch is the primary relay
agent for the original client
request, but the associated
Option 82 field in the response
contains a Remote IDand Circuit
ID combination that did not
originate with the given relay
agent.
The server response packet
carries data indicating a given
routing switch is the primary relay
agent for the original client
request, but the associated
Option 82 field in the response
contains a Remote ID that did not
originate with the relay agent.
All other server response
3
packets
1
Drop is the recommended choice because it protects against an unauthorized client inserting its own Option 82 field for
an incoming request.
2
A routing switch with DHCP Option 82 enabled with the keep option forwards all DHCP server response packets except
those that are not valid for either Option 82 DHCP operation (compliant with RFC 3046) or DHCP operation without Option
82 support (compliant with RFC 2131).
3
A routing switch with DHCP Option 82 enabled drops an inbound server response packet if the packet does not have
any device identified as the primary relay agent (giaddr = null; refer to RFC 2131).
Server response validation is an option you can specify when configuring
Option 82 DHCP for append, replace, or drop operation. (Refer to "Forwarding
Policies" on page 5-84.) Enabling validation on the routing switch can enhance
protection against DHCP server responses that are either from untrusted
sources or are carrying invalid Option 82 information.
With validation enabled, the relay agent applies stricter rules to variations in
the Option 82 field(s) of incoming server responses to determine whether to
forward the response to a downstream device or to drop the response due to
invalid (or missing) Option 82 information. Table 5-18, below, describes relay
agent management of DHCP server responses with optional validation
enabled and disabled
Table 5-18. Relay Agent Management of DHCP Server Response Packets.
Option 82
Configuration
append, replace,
1
or drop
2
keep
append
1
replace or drop
2
keep
append
1
replace or drop
2
keep
2
append, keep
,
1
replace, or drop
Validation Enabled on the
Relay Agent
Drop the server response
packet.
Forward server response
packet to a downstream device.
Drop the server response
packet.
Drop the server response
packet.
Forward server response
packet to a downstream device.
Drop the server response
packet.
Drop the server response
packet.
Forward server response
packet to a downstream device.
Forward server response
packet to a downstream device.
IP Routing Features
Configuring DHCP Relay
Validation Disabled
(The Default)
Forward server response
packet to a downstream device.
Forward server response
packet to a downstream device.
Forward server response
packet to a downstream device.
Drop the server response
packet.
Forward server response
packet to a downstream device.
Forward server response
packet to a downstream device.
Drop the server response
packet.
Forward server response
packet to a downstream device.
Forward server response
packet to a downstream device.
5-87

Advertisement

Table of Contents
loading

This manual is also suitable for:

Procurve 5400zlProcurve 3500yl

Table of Contents