Chapter 12
| Security Measures
DHCP Snooping
– 383 –
◆ DHCP Snooping Information Option Status – Enables or disables DHCP
Option 82 information relay. (Default: Disabled)
◆ DHCP Snooping Information Option Sub-option Format – Enables or
disables use of sub-type and sub-length fields in circuit-ID (CID) and remote-ID
(RID) in Option 82 information. (Default: Enabled)
◆ DHCP Snooping Information Option Remote ID – Specifies the MAC address,
IP address, or arbitrary identifier of the requesting device (i.e., the switch in this
context).
â–
MAC Address – Inserts a MAC address in the remote ID sub-option for the
DHCP snooping agent (i.e., the MAC address of the switch’s CPU). This
attribute can be encoded in Hexadecimal or ASCII.
â–
IP Address – Inserts an IP address in the remote ID sub-option for the
DHCP snooping agent (i.e., the IP address of the management interface).
This attribute can be encoded in Hexadecimal or ASCII.
â–
string - An arbitrary string inserted into the remote identifier field.
(Range: 1-32 characters)
◆ DHCP Snooping Information Option Policy – Specifies how to handle DHCP
client request packets which already contain Option 82 information.
â–
Drop – Drops the client’s request packet instead of relaying it.
â–
Keep – Retains the Option 82 information in the client request, and
forwards the packets to trusted ports.
â–
Replace – Replaces the Option 82 information circuit-id and remote-id
fields in the client’s request with information about the relay agent itself,
inserts the relay agent’s address (when DHCP snooping is enabled), and
forwards the packets to trusted ports. (This is the default policy.)
Web Interface
To configure global settings for DHCP Snooping:
1. Click IP Service, DHCP, Snooping.
2. Select Configure Global from the Step list.
3. Select the required options for the general DHCP snooping process and for the
DHCP Option 82 information option.
4. Click Apply
To Next Page
Loading...
Need help?
General