50-7
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 50 Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
Configuring DHCP Snooping
• Enabling DHCP Snooping on the Aggregation Switch, page 50-9
• Enabling DHCP Snooping and Option 82, page 50-10
• Enabling DHCP Snooping on Private VLAN, page 50-12
• Configuring DHCP Snooping on Private VLAN, page 50-12
• Configuring DHCP Snooping with an Ethernet Channel Group, page 50-12
• Enabling the DHCP Snooping Database Agent, page 50-13
• Limiting the Rate of Incoming DHCP Packets, page 50-13
• Configuration Examples for the Database Agent, page 50-15
Note For DHCP server configuration information, refer to “Configuring DHCP” in the Cisco IOS IP and IP
Routing Configuration Guide at:
http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfdhcp.html
Default Configuration for DHCP Snooping
DHCP snooping is disabled by default. Table 50-1 shows all the default configuration values for each
DHCP snooping option.
If you want to change the default configuration values, see the “Enabling DHCP Snooping” section.
Enabling DHCP Snooping
Note When DHCP snooping is enabled globally, DHCP requests are dropped until the ports are configured.
Consequently, you should probably configure this feature during a maintenance window and not during
production.
Table 50-1 Default Configuration Values for DHCP Snooping
Option Default Value/State
DHCP snooping Disabled
DHCP snooping information option Enabled
DHCP snooping information option
allow-untrusted
Disabled
DHCP snooping limit rate Infinite (functions as if rate limiting were disabled)
DHCP snooping trust Untrusted
DHCP snooping vlan Disabled
To Next Page
Loading...
Need help?
General
