Chapter 9
| General Security Measures
DHCPv4 Snooping
– 348 –
The circuit identifier used by this switch starts at sub-option1 and goes to the
end of the R-124 string. The R-124 string includes the following information:
■
sub-type - Distinguishes different types of circuit IDs.
■
sub-length - Length of the circuit ID type
■
access node identifier - ASCII string. Default is the MAC address of the
switch’s CPU. This field is set by the ip dhcp snooping information option
command,
■
eth - The second field is the fixed string “eth”
■
slot - The slot represents the stack unit for this system.
■
port - The port which received the DHCP request. If the packet arrives over
a trunk, the value is the ifIndex of the trunk.
■
vlan - Tag of the VLAN which received the DHCP request.
Note that the sub-type and sub-length fields can be enabled or disabled
using the ip dhcp snooping information option command.
■
The ip dhcp snooping information option circuit-id command can be
used to modify the default settings described above.
Example
This example sets the DHCP Snooping Information circuit-id suboption string.
Console(config)#interface ethernet 1/1
Console(config-if)#ip dhcp snooping information option circuit-id string mv2
Console(config-if)#
ip dhcp snooping trust This command configures the specified interface as trusted. Use the no form to
restore the default setting.
Syntax
[no] ip dhcp snooping trust
Default Setting
All interfaces are untrusted
Command Mode
Interface Configuration (Ethernet, Port Channel)
Table 59: Option 82 information
82 3-69 1 1-67 x1 x2 x3 x4 x5 x63
opt82 opt-len sub-opt1 string-len R-124 string
To Next Page
Loading...
Need help?
General