Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
 
Chapter 60      Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
Configuring DHCP Snooping
DHCP snooping is operational on following VLANs: 
500,555
DHCP snooping is configured on the following L3 Interfaces:  
Insertion of option 82 is enabled
    circuit-id default format: vlan-mod-port
    remote-id: switch123 (string)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:
Interface                    Trusted     Rate limit (pps)
------------------------     -------     ----------------
FastEthernet5/1              yes         100 
  Custom circuit-ids:
    VLAN 555: customer-555 
FastEthernet2/1              no          unlimited
  Custom circuit-ids: 
    VLAN 500: customer-500
Switch#
The following configuration describes the DHCP snooping configuration steps if routing is defined on 
another Catalyst switch (for example, a Catalyst 6500 series switch):
! Trust the uplink gigabit Ethernet trunk port
interface range GigabitEthernet 1/1 - 2
switchport mode trunk
switchport trunk encapsulation dot1q
ip dhcp snooping trust
! 
interface VLAN 14
ip address 10.33.234.1 255.255.254.0
ip helper-address 10.5.1.2
Note: If you are enabling trunking on uplink gigabit interfaces, and the above routing configuration is defined 
on a Catalyst 6500 series switch, you must configure the “trust” relationship with the downstream DHCP 
snooping switch (a Catalyst 4500 series switch), which adds Option 82. On a Catalyst 6500 series switch, this 
task is accomplished with the ip dhcp relay information trusted VLAN configuration command.
Enabling DHCP Snooping on the Aggregation Switch
To enable DHCP snooping on an aggregation switch, configure the interface connecting to a downstream 
switch as a snooping untrusted port. If the downstream switch (or a device such as a DSLAM in the path 
between the aggregation switch and the DHCP clients) adds DHCP information Option 82 to the DHCP 
packets, the DHCP packets are dropped when they arrive on a snooping untrusted port. If you configure 
the ip dhcp snooping information option allow-untrusted global configuration command on the 
aggregation switch, the aggregation switch can accept DHCP requests with Option 82 information from 
any snooping untrusted port.
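
The following Python script is an added example, not part of the Cisco guide. It parses text in the format of the show ip dhcp snooping display earlier in this section and lists settings to review, including whether Option 82 is accepted on untrusted ports as described above. The sample text is constructed, and the function names (parse_snooping, audit) and the review policy are assumptions of this example.

```python
import re

# Constructed sample in the format of the `show ip dhcp snooping` display.
SAMPLE = """\
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface                    Trusted     Rate limit (pps)
------------------------     -------     ----------------
FastEthernet5/1              yes         100
  Custom circuit-ids:
    VLAN 555: customer-555
FastEthernet2/1              no          unlimited
  Custom circuit-ids:
    VLAN 500: customer-500
"""

# Interface rows start in column 0; indented circuit-id lines never match.
ROW = re.compile(r"^(\S+)\s+(yes|no)\s+(unlimited|\d+)\s*$")

def parse_snooping(text):
    """Extract the global Option 82 / hwaddr flags and the per-interface table."""
    state = {"allow_untrusted": None, "verify_hwaddr": None, "ports": {}}
    for line in text.splitlines():
        if line.startswith("Option 82 on untrusted port is"):
            state["allow_untrusted"] = "not allowed" not in line
        elif line.startswith("Verification of hwaddr field is"):
            state["verify_hwaddr"] = line.split()[-1] == "enabled"
        elif (m := ROW.match(line)):
            rate = None if m.group(3) == "unlimited" else int(m.group(3))
            state["ports"][m.group(1)] = {"trusted": m.group(2) == "yes", "rate": rate}
    return state

def audit(state):
    """Return review findings; the policy here is an assumption of this example."""
    findings = []
    if state["allow_untrusted"]:
        findings.append("global: Option 82 accepted on untrusted ports; "
                        "confirm this is an aggregation switch")
    if state["verify_hwaddr"] is False:
        findings.append("global: hwaddr verification disabled")
    for name, port in sorted(state["ports"].items()):
        if port["trusted"]:
            findings.append(f"{name}: trusted; confirm it faces the DHCP server or uplink")
        elif port["rate"] is None:
            findings.append(f"{name}: untrusted with no DHCP rate limit")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_snooping(SAMPLE)):
        print(finding)
```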