Chapter 8
| General Security Measures
DHCPv4 Snooping
– 288 –
ip dhcp snooping vlan This command enables DHCP snooping on the specified VLAN. Use the no form to
restore the default setting.
Syntax
[no] ip dhcp snooping vlan vlan-id
vlan-id - ID of a configured VLAN (Range: 1-4094)
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
◆ When DHCP snooping is enabled globally using the ip dhcp snooping
command, and enabled on a VLAN with this command, DHCP packet filtering
will be performed on any untrusted ports within the VLAN as specified by the ip
dhcp snooping trust command.
◆ When the DHCP snooping is globally disabled, DHCP snooping can still be
configured for specific VLANs, but the changes will not take effect until DHCP
snooping is globally re-enabled.
◆ When DHCP snooping is globally enabled, and then disabled on a VLAN, all
dynamic bindings learned for this VLAN are removed from the binding table.
Example
This example enables DHCP snooping for VLAN 1.
Console(config)#ip dhcp snooping vlan 1
Console(config)#
Related Commands
ip dhcp snooping (281)
ip dhcp snooping trust (290)
ip dhcp snooping
information option
circuit-id
This command specifies DHCP Option 82 circuit-id suboption information. Use the
no form to use the default settings.
Syntax
ip dhcp snooping information option circuit-id string string
no dhcp snooping information option circuit-id
string - An arbitrary string inserted into the circuit identifier field.
(Range: 1-32 characters)
To Next Page
Loading...
