Nsf And Dhcp Snooping - Dell PowerConnect 8024 User Configuration Manual
Hide thumbs
Also See for PowerConnect 8024:
- User configuration manual (1266 pages) ,
- Cli reference manual (1132 pages) ,
- User manual (778 pages)
Table of Contents
Advertisement
NSF and DHCP Snooping
Figure 9-14 illustrates an L2 access switch running DHCP snooping. DHCP
trusted
snooping only accepts DHCP server messages on ports configured as
ports. DHCP snooping listens to DHCP messages to build a bindings
database that lists the IP address the DHCP server has assigned to each host.
IP Source Guard (IPSG) uses the bindings database to filter data traffic in
hardware based on source IP address and source MAC address. Dynamic ARP
Inspection (DAI) uses the bindings database to verify that ARP messages
contain a valid sender IP address and sender MAC address. DHCP snooping
checkpoints its bindings database.
Figure 9-14. NSF and DHCP Snooping
If the stack master fails, all hosts connected to that unit lose network access
until that unit reboots. The hardware on surviving units continues to enforce
source filters IPSG installed prior to the failover. Valid hosts continue to
communicate normally. During the failover, the hardware continues to drop
data packets from unauthorized hosts so that security is not compromised.
173
Managing a Switch Stack
- Quick Links:
- System Management Features
Hide quick links:
Advertisement
Table of Contents
