Chapter 12
| Security Measures
DHCP Snooping
– 349 –
◆ DHCP Snooping Information Option Policy – Specifies how to handle DHCP
client request packets which already contain Option 82 information.
â–
Drop – Drops the client’s request packet instead of relaying it.
â–
Keep – Retains the Option 82 information in the client request, and
forwards the packets to trusted ports.
â–
Replace – Replaces the Option 82 information circuit-id and remote-id
fields in the client’s request with information about the relay agent itself,
inserts the relay agent’s address (when DHCP snooping is enabled), and
forwards the packets to trusted ports. (This is the default policy.)
Web Interface
To configure global settings for DHCP Snooping:
1. Click IP Service, DHCP, Snooping.
2. Select Configure Global from the Step list.
3. Select the required options for the general DHCP snooping process and for the
DHCP Option 82 information option.
4. Click Apply
Figure 222: Configuring Global Settings for DHCP Snooping
DHCP Snooping
VLAN Configuration
Use the IP Service > DHCP > Snooping (Configure VLAN) page to enable or disable
DHCP snooping on specific VLANs.
Command Usage
â—† When DHCP snooping is enabled globally on the switch, and enabled on the
specified VLAN, DHCP packet filtering will be performed on any untrusted ports
within the VLAN.
To Next Page
Loading...
Need help?
General
