Application environment of trusted ports
Configuring a trusted port connected to a DHCP server
Figure 249 Configure trusted and untrusted ports
As shown in Figure 249, configure the port of a DHCP snooping device that connects to an authorized
DHCP server as a trusted port. The trusted port forwards reply messages from the DHCP server, so that
the DHCP client can obtain an IP address from the authorized DHCP server.
Configuring trusted ports in a cascaded network
In a cascaded network involving multiple DHCP snooping devices, the ports connected to other DHCP
snooping devices should be configured as trusted ports.
To save system resources, you can disable the trusted ports that are indirectly connected to DHCP
clients from recording clients’ IP-to-MAC bindings upon receiving DHCP requests.
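The port roles described above, modeled as an added example (not taken from the manual or from the device's software). The switch and port names, the MAC and IP values, and the rule that a binding is completed when the ACK arrives are simplifying assumptions.

```python
# Simplified model of DHCP snooping port roles (illustrative; not device code).
from dataclasses import dataclass, field

UNTRUSTED = "untrusted"
TRUSTED = "trusted"                      # trusted, records bindings
TRUSTED_NO_RECORD = "trusted-no-record"  # trusted, binding recording disabled

SERVER_REPLIES = {"OFFER", "ACK", "NAK"}

@dataclass
class SnoopingSwitch:
    name: str
    ports: dict                                   # port name -> role
    pending: dict = field(default_factory=dict)   # client MAC -> port the request arrived on
    bindings: dict = field(default_factory=dict)  # client MAC -> (IP, port)

    def receive(self, port, msg_type, client_mac, ip=None):
        """Return 'forward' or 'drop' for a DHCP message arriving on `port`."""
        role = self.ports[port]
        if msg_type in SERVER_REPLIES:
            if role == UNTRUSTED:
                return "drop"          # reply did not come from an authorized server
            if msg_type == "ACK" and client_mac in self.pending:
                self.bindings[client_mac] = (ip, self.pending.pop(client_mac))
            return "forward"
        # Client message: remember which port the client is behind,
        # unless recording is disabled on this port.
        if msg_type == "REQUEST" and role != TRUSTED_NO_RECORD:
            self.pending[client_mac] = port
        return "forward"

def run_cascade():
    """Constructed two-switch cascade: client -> access -> core -> server."""
    access = SnoopingSwitch("access", {"p1": UNTRUSTED, "p2": UNTRUSTED, "up": TRUSTED})
    core = SnoopingSwitch("core", {"down": TRUSTED_NO_RECORD, "srv": TRUSTED})
    mac, ip = "00-11-22-33-44-55", "192.0.2.10"   # constructed sample values
    results = []
    # A server reply arriving on a client-facing (untrusted) port is dropped.
    results.append(access.receive("p2", "OFFER", mac, "192.0.2.66"))
    for sw, port in ((access, "p1"), (core, "down")):   # request travels upstream
        results.append(sw.receive(port, "REQUEST", mac))
    for sw, port in ((core, "srv"), (access, "up")):    # ACK travels downstream
        results.append(sw.receive(port, "ACK", mac, ip))
    return results, access.bindings, core.bindings
```

In this model only the access switch, which sees the client directly, ends up with a binding entry; the upstream switch forwards the same messages without storing a duplicate.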
Figure 250 Configure trusted ports in a cascaded network
[Figure 250 shows a DHCP server, three DHCP snooping devices (Switch A, Switch B, and Switch C), and four DHCP clients (Host A, Host B, Host C, and Host D), connected through ports GE1/0/1 to GE1/0/4. Legend: untrusted ports; trusted ports disabled from recording binding entries; trusted ports enabled to record binding entries.]
Table 110 describes roles of the ports shown in Figure 250.