Chapter 9
| General Security Measures
DHCPv4 Snooping
– 291 –
ip dhcp snooping vlan
This command enables DHCP snooping on the specified VLAN. Use the
no
form to
restore the default setting.
Syntax
[
no
]
ip dhcp snooping vlan
vlan-id
vlan-id - ID of a configured VLAN (Range: 1-4094)
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
◆
When DHCP snooping is enabled globally using the ip dhcp snooping
command, and enabled on a VLAN with this command, DHCP packet filtering
will be performed on any untrusted ports within the VLAN as specified by the ip
dhcp snooping trust command.
◆
When the DHCP snooping is globally disabled, DHCP snooping can still be
configured for specific VLANs, but the changes will not take effect until DHCP
snooping is globally re-enabled.
◆
When DHCP snooping is globally enabled, and then disabled on a VLAN, all
dynamic bindings learned for this VLAN are removed from the binding table.
Example
This example enables DHCP snooping for VLAN 1.
Console(config)#ip dhcp snooping vlan 1
Console(config)#
Related Commands
ip dhcp snooping (283)
ip dhcp snooping trust (295)
To Next Page
Loading...
