87
If a match is found, DHCP snooping compares the entry with the message. If they have
consistent information, DHCP snooping considers the packet valid and forwards it to the DHCP
server. If they have different information, DHCP snooping considers the message invalid and
discards it.
If no match is found, DHCP snooping forwards the message to the DHCP server.
Examples
# Enable DHCP-REQUEST check for DHCP snooping.
<Sysname> system-view
[Sysname] interface Ten-GigabitEthernet 1/0/1
[Sysname-Ten-GigabitEthernet1/0/1] dhcp snooping check request-message
dhcp snooping deny
Use dhcp snooping deny to configure a port as DHCP packet blocking port.
Use undo dhcp snooping deny to restore the default.
Syntax
dhcp snooping deny
undo ipv6 dhcp snooping deny
Default
A port does not block DHCP packets.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Predefined user roles
network-admin
Usage guidelines
DHCP clients connected to DHCP packet blocking ports cannot obtain IP addresses and other
configuration parameters from the DHCP server.
Do not configure a port as both a trusted port and a DHCP packet blocking port.
Examples
# Configure Layer 2 Ethernet interface Ten-GigabitEthernet 1/0/1 as a DHCP packet blocking port.
<Sysname> system-view
[Sysname] interface Ten-GigabitEthernet 1/0/1
[Sysname-Ten-GigabitEthernet1/0/1] dhcp snooping deny
dhcp snooping enable
Use dhcp snooping enable to enable DHCP snooping.
Use undo dhcp snooping enable to disable DHCP snooping.
Syntax
dhcp snooping enable
undo dhcp snooping enable
Default
DHCP snooping is disabled.
To Next Page
Loading...
