C
HAPTER
25
| General Security Measures
DHCP Snooping
– 679 –
EXAMPLE
This example enables MAC address verification.
Console(config)#ip dhcp snooping verify mac-address
Console(config)#
RELATED COMMANDS
ip dhcp snooping (674)
ip dhcp snooping vlan (679)
ip dhcp snooping trust (680)
ip dhcp snooping
vlan
This command enables DHCP snooping on the specified VLAN. Use the no
form to restore the default setting.
SYNTAX
[no] ip dhcp snooping vlan vlan-id
vlan-id - ID of a configured VLAN (Range: 1-4093)
DEFAULT SETTING
Disabled
COMMAND MODE
Global Configuration
COMMAND USAGE
◆ When DHCP snooping enabled globally using the ip dhcp snooping
command, and enabled on a VLAN with this command, DHCP packet
filtering will be performed on any untrusted ports within the VLAN as
specified by the ip dhcp snooping trust command.
◆ When the DHCP snooping is globally disabled, DHCP snooping can still
be configured for specific VLANs, but the changes will not take effect
until DHCP snooping is globally re-enabled.
◆ When DHCP snooping is globally enabled, configuration changes for
specific VLANs have the following effects:
■
If DHCP snooping is disabled on a VLAN, all dynamic bindings
learned for this VLAN are removed from the binding table.
EXAMPLE
This example enables DHCP snooping for VLAN 1.
Console(config)#ip dhcp snooping vlan 1
Console(config)#
To Next Page
Loading...
