2-6
Related commands: dhcp-server ip, display dhcp-server, display dhcp-server interface
vlan-interface.
To improve security and avoid malicious attack to the unused SOCKETs, S3600 Ethernet switches
provide the following functions:
z UDP 67 and UDP 68 ports used by DHCP are enabled only when DHCP is enabled.
z UDP 67 and UDP 68 ports are disabled when DHCP is disabled.
The corresponding implementation is as follows.
z When a VLAN interface is mapped to a DHCP server group with the dhcp-server command, the
DHCP relay agent is enabled. At the same time, UDP 67 and UDP 68 ports used by DHCP are
enabled.
z When the mapping between a VLAN interface and a DHCP server group is removed with the undo
dhcp-server command, DHCP services are disabled. At the same time, UDP 67 and UDP 68 ports
used by DHCP are disabled.
Examples
# Enter system view.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
# Enter VLAN-interface 1 view.
[Sysname] interface vlan-interface 1
# Specify that VLAN-interface 1 corresponds to DHCP server group 1.
[Sysname-Vlan-interface1] dhcp-server 1
dhcp-server detect
Syntax
dhcp-server detect
undo dhcp-server detect
View
System view
Parameters
None
Description
Use the dhcp-server detect command to enable the switch serving as a DHCP relay agent to detect
unauthorized DHCP servers.
Use the undo dhcp-server detect command to disable the unauthorized DHCP server detection
function.
To Next Page
Loading...
Need help?
General