Chapter 8 Access Service
Confidential and Proprietary Information of ZTE CORPORATION 195
FIGURE 34 TYPICAL NETWORK OF DHCP
Set attribute of the port on switch connecting to users directly as
Client. Set attribute of the port up-connecting to server as
Server, and that of port cascade connecting as Cascade.
Enable DHCP Snooping function, and DHCP response packets
coming into switch from the port except Server port will be
filtered. This method solves the problem caused by private
DHCP server. Switch generates and maintains an information
table of users who succeed to get host configuration, which
make it effective to distinguish and prevent the illegal users of
IP or MAC address deceiving from accessing.
Enable IP source guard function on the base of DHCP Snooping.
It can stop IP data flow with illegal address, and it also can
prevent flux attack caused by embezzling neighbor IP address.
Enable DHCP Option82 function, and request DHCP packets sent
by users will add Option82 according to user configurations. It
makes it possible for hosts to interact with more special
information with DHCP Server. Using Circuit ID sub-option,
switch provides user access link information, which is good for
server to distribute and manage address. Server limits the
amount of user IP address that distributed to each Remote ID
labeled switch, which prevent IP address from exhausting.
With incident user ID option of Option82, DHCP server does not
need to use the un-authorized or off-standard client identify field.
Correlating user MAC address and Remote ID makes server to
prevent illegal users of other Remote ID who use same MAC
address to deceive from accessing.
Configuring Global DHCP
This topic describes the DHCP global configuration on ZXR10
2920/2928/2952 to support snooping and Option82 function.
For the global configuration of DHCP, perform the following
steps.
1. To enable/disable the system of DHCP function, use
command set dhcp {enable|disable} in global
configuration mode. This is shown in
Table 324.
DHCP
Snooping
Function
DHCP Option82
Purpose
Steps
To Next Page
Loading...
