IP Configuration
IPv4 Management and Interfaces
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4 297
16
DHCP Snooping Binding Database
DHCP Snooping builds a database (known as the DHCP Snooping Binding database) derived
from information taken from DHCP packets entering the device through trusted ports.
The DHCP Snooping Binding database contains the following data: input port, input VLAN,
MAC address of the client and IP address of the client if it exists.
The DHCP Snooping Binding database is also used by IP Source Guard and Dynamic ARP
Inspection features to determine legitimate packet sources.
DHCP Trusted Ports
Ports can be either DHCP trusted or untrusted. By default, all ports are untrusted. To create a
port as trusted, use the Interface Settings page. Packets from these ports are automatically
forwarded. Packets from trusted ports are used to create the Binding database and are handled
as described below.
If DHCP Snooping is not enabled, all ports are trusted by default.
Option 82
Insertion
Disabled
Packet is sent
without Option
82
Packet is sent
with the
original Option
82
Relay discards
Option 82
Bridge -
Packet is sent
without Option
82
Relay
1. If reply originates
on the device, packet is
sent without Option 82
2. If reply does not
originate on the
device, discards the
packet
Bridge – Packet is sent
with the original
Option 82
Option 82
Insertion
Enabled
Packet is sent
without Option
82
Packet is sent
without Option
82
Relay –
discards
Option 82
Bridge –
Packet is sent
without Option
82
Packet is sent without
Option 82
DHCP Relay
VLAN with IP Address
DHCP Relay
VLAN without IP Address
To Next Page
Loading...
Need help?
General
