Chapter 8
| General Security Measures
DHCP Snooping
– 248 –
◆ When an untrusted port is changed to a trusted port, all the dynamic DHCP
snooping bindings associated with this port are removed.
◆ Additional considerations when the switch itself is a DHCP client – The port(s)
through which it submits a client request to the DHCP server must be
configured as trusted.
Example
This example sets port 5 to untrusted.
Console(config)#interface ethernet 1/5
Console(config-if)#no ip dhcp snooping trust
Console(config-if)#
Related Commands
ip dhcp snooping (242)
ip dhcp snooping vlan (246)
clear ip
dhcp snooping
database flash
This command removes all dynamically learned snooping entries from flash
memory.
Command Mode
Privileged Exec
Example
Console#clear ip dhcp snooping database flash
Console#
ip dhcp snooping
database flash
This command writes all dynamically learned snooping entries to flash memory.
Command Mode
Privileged Exec
Command Usage
This command can be used to store the currently learned dynamic DHCP snooping
entries to flash memory. These entries will be restored to the snooping table when
the switch is reset. However, note that the lease time shown for a dynamic entry
that has been restored from flash memory will no longer be valid.
Example
Console#ip dhcp snooping database flash
Console#
To Next Page
Loading...
