Chapter 8
| General Security Measures
DHCP Snooping
– 275 –
ip dhcp snooping vlan This command enables DHCP snooping on the specified VLAN. Use the no form to
restore the default setting.
Syntax
[no] ip dhcp snooping vlan vlan-id
vlan-id - ID of a configured VLAN (Range: 1-4094)
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
â—† When DHCP snooping is enabled globally using the ip dhcp snooping
command, and enabled on a VLAN with this command, DHCP packet filtering
will be performed on any untrusted ports within the VLAN as specified by the ip
dhcp snooping trust command.
â—† When the DHCP snooping is globally disabled, DHCP snooping can still be
configured for specific VLANs, but the changes will not take effect until DHCP
snooping is globally re-enabled.
â—† When DHCP snooping is globally enabled, and DHCP snooping is then disabled
on a specific VLAN, all dynamic bindings learned for this VLAN are removed
from the binding table.
Example
This example enables DHCP snooping for VLAN 1.
Console(config)#ip dhcp snooping vlan 1
Console(config)#
Related Commands
ip dhcp snooping (270)
ip dhcp snooping trust (277)
To Next Page
Loading...
Need help?
General
