Chapter 9
| General Security Measures
DHCPv6 Snooping
– 326 –
Example
This example configures the switch to keep existing remote-id option 37
information within DHCPv6 client packets and forward it.
Console(config)#ipv6 dhcp snooping option remote-id policy keep
Console(config)#
ipv6 dhcp snooping
vlan
This command enables DHCPv6 snooping on the specified VLAN. Use the no form
to restore the default setting.
Syntax
[no] ipv6 dhcp snooping vlan {vlan-id | vlan-range}
vlan-id - ID of a configured VLAN (Range: 1-4094)
vlan-range - A consecutive range of VLANs indicated by the use a hyphen,
or a random group of VLANs with each entry separated by a comma.
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
â—† When DHCPv6 snooping enabled globally using the ipv6 dhcp snooping
command, and enabled on a VLAN with this command, DHCPv6 packet
filtering will be performed on any untrusted ports within the VLAN as specified
by the ipv6 dhcp snooping trust command.
â—† When the DHCPv6 snooping is globally disabled, DHCPv6 snooping can still be
configured for specific VLANs, but the changes will not take effect until DHCPv6
snooping is globally re-enabled.
â—† When DHCPv6 snooping is enabled globally, and then disabled on a VLAN, all
dynamic bindings learned for this VLAN are removed from the binding table.
Example
This example enables DHCP6 snooping for VLAN 1.
Console(config)#ipv6 dhcp snooping vlan 1
Console(config)#
Related Commands
ipv6 dhcp snooping (321)
ipv6 dhcp snooping trust (327)
To Next Page
Loading...
Need help?
General