C
HAPTER
28
| General Security Measures
DHCP Snooping
– 724 –
show network-
access mac-filter
Use this command to display information for entries in the MAC filter
tables.
SYNTAX
show network-access mac-filter [filter-id]
filter-id - Specifies a MAC address filter table. (Range: 1-64)
DEFAULT SETTING
Displays all filters.
COMMAND MODE
Privileged Exec
EXAMPLE
Consoleshownetwork-access mac-filter
Filter ID MAC Address MAC Mask
--------- ----------------- -----------------
1 00-00-01-02-03-08 FF-FF-FF-FF-FF-FF
Console#
DHCP SNOOPING
DHCP snooping allows a switch to protect a network from rogue DHCP
servers or other devices which send port-related information to a DHCP
server. This information can be useful in tracking an IP address back to a
physical port. This section describes commands used to configure DHCP
snooping.
Table 70: DHCP Snooping Commands
Command Function Mode
ip dhcp snooping Enables DHCP snooping globally GC
ip dhcp snooping database
flash
Writes all dynamically learned snooping entries to
flash memory
GC
ip dhcp snooping
information option
Enables or disables DHCP Option 82 information
relay
GC
ip dhcp snooping
information policy
Sets the information option policy for DHCP client
packets that include Option 82 information
GC
ip dhcp snooping verify
mac-address
Verifies the client’s hardware address stored in the
DHCP packet against the source MAC address in
the Ethernet header
GC
ip dhcp snooping vlan Enables DHCP snooping on the specified VLAN GC
ip dhcp snooping trust Configures the specified interface as trusted IC
clear ip dhcp snooping
database flash
Removes all dynamically learned snooping entries
from flash memory.
PE
show ip dhcp snooping Shows the DHCP snooping configuration settings PE
show ip dhcp snooping
binding
Shows the DHCP snooping binding table entries PE
To Next Page
Loading...
Need help?
General
