Configuration Guide Configuring DHCP Snooping
Snooping binding database. Combined with ARP detection and ARP check, DHCP Snooping controls the reliable
assignment of IP addresses for legal clients.
DHCP Snooping Rate Limit
The DHCP Snooping rate limit function can be configured through the rate limit command of the Network Foundation Protection
Policy (NFPP). For NFPP configuration, see Configuring NFPP.
DHCP Option82
DHCP Option82, an option for DHCP packets, is also called the DHCP Relay Agent Information Option. As the option number is
82, it is known as Option82. Option82 was developed to enhance the security of DHCP servers and improve the strategies of IP
address assignment. The option is often configured for the DHCP relay services of a network access device, such as DHCP Relay
and DHCP Snooping. This option is transparent to DHCP clients; the DHCP relay components add and remove the option.
Illegal DHCP Packets
Through DHCP Snooping, validation is performed on the DHCP packets passing through a client. Illegal DHCP packets are
discarded, and user information is recorded into the DHCP Snooping binding database for further applications (for example, ARP
detection). The following types of packets are considered illegal DHCP packets:
- DHCP response packets received on untrusted ports, including DHCP-ACK, DHCP-NACK and DHCP-OFFER packets
- DHCP request packets carrying gateway information (giaddr) that are received on untrusted ports
- When MAC verification is enabled, packets whose source MAC address differs from the value of the chaddr field in the DHCP packet
- DHCP-RELEASE packets that match an entry in the DHCP Snooping binding database but are received on an untrusted port inconsistent with the settings in that entry
- DHCP packets that are in the wrong format or incomplete
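The checks listed above can be expressed as a single filter function. The following is an added example, not code from this guide or from the device; the packet model, port names, MAC addresses and the MAC-to-port binding table are constructed for illustration, and trusted ports are assumed to bypass validation.

```python
from dataclasses import dataclass

SERVER_REPLIES = {"OFFER", "ACK", "NACK"}  # reply types named in this guide
CLIENT_MESSAGES = {"DISCOVER", "REQUEST", "DECLINE", "RELEASE", "INFORM"}

@dataclass
class DhcpPacket:
    """Constructed, simplified view of one parsed DHCP frame."""
    port: str                 # ingress switch port
    msg_type: str             # "" stands for a malformed or incomplete packet
    src_mac: str              # Ethernet source MAC
    chaddr: str               # client hardware address in the DHCP header
    giaddr: str = "0.0.0.0"   # relay agent (gateway) address

def check(pkt, trusted_ports, bindings, mac_verify=True):
    """Return (forward, reason). bindings maps client MAC -> bound port."""
    if pkt.port in trusted_ports:
        return True, "trusted port"      # assumption: only untrusted ports are validated
    if pkt.msg_type not in SERVER_REPLIES | CLIENT_MESSAGES:
        return False, "malformed or incomplete"
    if pkt.msg_type in SERVER_REPLIES:
        return False, "server reply on untrusted port"
    if pkt.giaddr != "0.0.0.0":
        return False, "giaddr set on untrusted port"
    if mac_verify and pkt.src_mac.lower() != pkt.chaddr.lower():
        return False, "source MAC differs from chaddr"
    bound_port = bindings.get(pkt.chaddr.lower())
    if pkt.msg_type == "RELEASE" and bound_port not in (None, pkt.port):
        return False, "RELEASE port differs from binding"
    return True, "ok"

# Constructed sample data: one trusted uplink and one learned binding.
TRUSTED = {"Gi0/24"}
BINDINGS = {"00:11:22:33:44:55": "Gi0/1"}
A, B = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
SAMPLES = [
    DhcpPacket("Gi0/24", "OFFER", "02:00:00:00:00:01", A),     # server on uplink
    DhcpPacket("Gi0/2", "OFFER", B, A),                        # reply on access port
    DhcpPacket("Gi0/2", "DISCOVER", B, B, giaddr="10.0.0.1"),  # giaddr on access port
    DhcpPacket("Gi0/2", "REQUEST", B, A),                      # chaddr mismatch
    DhcpPacket("Gi0/2", "RELEASE", A, A),                      # release, wrong port
    DhcpPacket("Gi0/1", "RELEASE", A, A),                      # release, bound port
    DhcpPacket("Gi0/2", "", B, B),                             # incomplete packet
]

def run_samples():
    return [check(p, TRUSTED, BINDINGS) for p in SAMPLES]

if __name__ == "__main__":
    for pkt, (ok, why) in zip(SAMPLES, run_samples()):
        print(pkt.port, pkt.msg_type or "?", "forward" if ok else "drop", why)
```

The order of the checks matters only for the reported reason; a packet failing any one of them is dropped.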
Overview
Perform a legality check on DHCP packets and discard illegal packets (see the previous section for the
introduction of illegal packets). Transfer request packets received on trusted ports only.
Building the DHCP Snooping binding database
Snoop the interaction between DHCP clients and the server, and generate the DHCP Snooping
binding database to provide a basis for other filtering modules.
8.3.1 Filtering DHCP Packets
Perform validation on DHCP packets from untrusted ports. Filter out the illegal packets as introduced in the previous section
"Basic Concepts".