60-7
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 60 Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
Configuring DHCP Snooping
• Configuring DHCP Snooping with an Ethernet Channel Group, page 60-12
• Enabling the DHCP Snooping Database Agent, page 60-13
• Limiting the Rate of Incoming DHCP Packets, page 60-13
• Configuration Examples for the Database Agent, page 60-15
Note For DHCP server configuration information, refer to “Configuring DHCP” in the Cisco IOS IP and IP
Routing Configuration Guide at:
http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfdhcp.html
Default Configuration for DHCP Snooping
DHCP snooping is disabled by default. Table 60-1 shows all the default configuration values for each
DHCP snooping option.
If you want to change the default configuration values, see the “Enabling DHCP Snooping” section.
Enabling DHCP Snooping
Note When DHCP snooping is enabled globally, DHCP requests are dropped until the ports are configured.
Consequently, you should probably configure this feature during a maintenance window and not during
production.
To enable DHCP snooping, perform this task:
Table 60-1 Default Configuration Values for DHCP Snooping
Option Default Value/State
DHCP snooping Disabled
DHCP snooping information option Enabled
DHCP snooping information option
allow-untrusted
Disabled
DHCP snooping limit rate Infinite (functions as if rate limiting were disabled)
DHCP snooping trust Untrusted
DHCP snooping vlan Disabled
Command Purpose
Step 1
Switch(config)# ip dhcp snooping
Enables DHCP snooping globally.
You can use the no keyword to disable DHCP snooping.
Step 2
Switch(config)# ip dhcp snooping vlan number
[number] | vlan {vlan range}]
Enables DHCP snooping on your VLAN or VLAN
range.
To Next Page
Loading...
Need help?
General
