Chapter 4 Dhcp Snooping Configuration; Configuring Dhcp Snooping; Introduction To Dhcp Snooping - H3C S7500 Series Operation Manual

Hide thumbs Also See for S7500 Series:

Table of Contents

Operation Manual – DHCP

H3C S7500 Series Ethernet Switches

Chapter 4 DHCP Snooping Configuration

When configuring DHCP snooping, go to these sections for information you are

interested in:

DHCP-Snooping Option 82

Displaying and Maintaining DHCP Snooping

DHCP Snooping Configuration Example

4.1 Configuring DHCP Snooping

For the sake of security, the IP addresses used by online DHCP clients need to be

tracked for the administrator to verify the corresponding relationship between the IP

addresses the DHCP clients obtained from DHCP servers and the MAC addresses of

the DHCP clients.

Layer 3 switches can track DHCP client IP addresses through a DHCP relay

Layer 2 switches can track DHCP client IP addresses through the DHCP snooping

function, which listens to DHCP broadcast packets.

When an unauthorized DHCP server exists in the network, a DHCP client may obtain

an illegal IP address. To ensure that the DHCP clients obtain IP addresses from valid

DHCP servers, you can specify a port to be a trusted port or an untrusted port through

the DHCP snooping function.

Trusted ports can be used to connect DHCP servers or ports of other switches.

Untrusted ports can be used to connect DHCP clients or networks.

Trusted ports forward any received DHCP packet to ensure that DHCP clients can

obtain IP addresses from valid DHCP servers. Untrusted ports drop all the

received packets.

Switch A is an S7500 series switch.

illustrates a typical network diagram for DHCP snooping application, where

Chapter 4 DHCP Snooping Configuration

Table of Contents