Enterasys C3G124-24 - Set Dhcpsnooping Binding

Enterasys C3G124-24

954 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

set dhcpsnooping binding

23-6 DHCP Snooping and Dynamic ARP Inspection

Usage

In order for DHCP snooping to operate, snooping has to be enabled globally and on specific

VLANs, and the ports within the VLANs have to be configured as trusted or untrusted. On

trusted ports, DHCP client messages are forwarded directly by the hardware. On untrusted ports,

client messages are given to the DHCP snooping application.

The DHCP snooping application builds the bindings database from client messages received on

untrusted ports. DHCP snooping creates a “tentative binding” from DHCP DISCOVER and

REQUEST messages. Tentative bindings tie a client to the port on which the message packet was

received. Tentative bindings are completed when DHCP snooping learns the client’s IP address

from a DHCP ACK message on a trusted port.

The ports on the switch through which DHCP servers are reached must be configured as trusted

ports so that packets received from those ports will be forwarded to clients. DCHP packets from a

DHCP server (DHCP OFFER, DHCP ACK, DHCP NAK) are dropped if received on an untrusted

port.

Example

This example configures port ge.1.1 as a trusted port.

C3

(rw)->set dhcpsnooping trust port ge.1.1 enable

set dhcpsnooping binding

Use this command to add a static DHCP binding to the DHCP snooping database.

Syntax

set dhcpsnooping binding mac-address vlan vlan-id ipaddr port port-string

Parameters

Defaults

None.

Mode

Switch command, read-write.

Usage

When enabled globally and on VLANs, DHCP snooping builds its bindings database from DHCP

client messages received on untrusted ports. Such entries in the database are dynamic entries

which will be removed in response to valid DECLINE, RELEASE, and NACK messages or when

the absolute lease time of the entry expires.

You can add static entries to the bindings database with this command.

mac-address Specifies the MAC address of the binding entry.

vlan vlan-id Specifies the VLAN of the binding entry.

ipaddr Specifies the IP address of the binding entry.

port port-string Specifies the port of the binding entry.

Table of Contents

Related product manuals

Preview: Enterasys SecureStack C2

Enterasys SecureStack C2

Preview: SecureStack C2 C2G124-24

SecureStack C2 C2G124-24

Preview: Enterasys D-Series

Enterasys D-Series

Preview: Enterasys B5G124-24

Enterasys B5G124-24

Enterasys A4H124-48P

Enterasys 08G20G4-48

Preview: Enterasys B5G124-24P2

Enterasys B5G124-24P2

Enterasys SSA-G1018-0652

Preview: Enterasys Matrix 2G4072-52

Enterasys Matrix 2G4072-52

Preview: Enterasys Matrix-V V2H124-24

Enterasys Matrix-V V2H124-24

Preview: Enterasys Matrix E1 1H582-51

Enterasys Matrix E1 1H582-51

Preview: SecureStack B2 B2G124-48P

SecureStack B2 B2G124-48P