3Com 4200G 12-Port Configuration Manual page 410
4200g series switch
Hide thumbs
Also See for 4200G 12-Port:
- Configuration manual (730 pages) ,
- Getting started manual (104 pages) ,
- Quick reference manual (43 pages)
Table of Contents
Advertisement
396
C
46: DHCP R
HAPTER
Configuring DHCP Relay
Security
C
ELAY
ONFIGURATION
You can configure an interface to forward DHCP packets received from DHCP clients
to a group of external DHCP server(s), so that the DHCP server(s) in this group can
assign IP addresses to the DHCP clients under this interface.
Table 339 Configure an interface to operate in DHCP relay mode
Operation
Enter system view
Configure the DHCP
server IP address(es) in
a specified DHCP server
group
Map an interface to a
DHCP server group
You can configure up to eight external DHCP IP addresses in a DHCP server group.
You can map multiple VLAN interfaces to one DHCP server group. But one VLAN
interface can be mapped to only one DHCP server group. If you execute the
dhcp-server groupNo command repeatedly, the new configuration overwrites the
previous one.
The group number referenced in the dhcp-server groupNo command must has
already been configured by using the dhcp-server groupNo ip ipaddress1 [
ipaddress-list ] command.
Configuring address checking
When a DHCP client obtain an IP address from a DHCP server with the help of a DHCP
relay, the DHCP relay creates an entry (dynamic entry) in the user address table to
track the IP-MAC address binding information about the DHCP client. You can also
configure user address entries manually (static entries) to bind an IP address and a
MAC address statically.
The purpose of the address checking function on DHCP relay is to prevent
unauthorized users from statically configuring IP addresses to access external
networks. With this function enabled, a DHCP relay inhibits a user from accessing
external networks if the IP address configured on the user end and the MAC address
of the user end do not match any entries (including the entries dynamically tracked by
the DHCP relay and the manually configured static entries) in the user address table
on the DHCP relay.
Table 340 Configure address checking
Operation
Enter system view
Create a DHCP user
address entry manually
Enter interface view
Enable the address
checking function
Command
system-view
dhcp-server groupNo ip
ip-address1 [ ipaddress-list ]
interface interface-type
interface-number
dhcp-server groupNo
Command
system-view
dhcp-security static
ip-address mac-address
interface interface-type
interface-number
address-check enable
Description
—
Required
By default, no DHCP server IP
address is configured in a DHCP
server group.
Required
By default, a VLAN interface is not
mapped to any DHCP server group.
Description
—
Optional
By default, there is no manually
configured DHCP user address
entry.
—
Required
By default, the address checking
function is disabled.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
