Chapter 27 DHCP Snooping
GS2220 Series User’s Guide
263
C HAPTER 27
DHCP Sno o ping
27.1 DHC P Sno o ping O ve rvie w
With DHCP snooping, the Switch can build the binding table dynamically by snooping DHCP packets
(dynamic bindings) and filter unauthorized DHCP packets in your network.
The Switch uses a binding table to distinguish between authorized and unauthorized DHCP packets in
your network. A binding contains these key attributes:
• MAC address
• VLAN ID
• IP address
• Port number
When the Switch receives a DHCP packet, it looks up the appropriate MAC address, VLAN ID, IP
address, and port number in the binding table. If there is a binding, the Switch forwards the packet. If
there is not a binding, the Switch discards the packet.
27.1.1 Wha t You C a n Do
• Use the DHCP Sno o ping screen (
Section 27.2 on page 263) to look at various statistics about the DHCP
snooping database.
• Use this DHCP Sno o ping C o nfig ure screen (Section 27.3 on page 266) to enable DHCP snooping on
the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and
configure the DHCP snooping database.
• Use the DHC P Sno o ping Po rt Co nfig ure screen (
Section 27.3.1 on page 267) to specify whether ports
are trusted or untrusted ports for DHCP snooping.
• Use the DHC P Sno o ping VLAN C o nfig ure screen (Section 27.3.2 on page 268) to enable DHCP
snooping on each VLAN and to specify whether or not the Switch adds DHCP relay agent option 82
information to DHCP requests that the Switch relays to a DHCP server for each VLAN.
• Use the DHC P Sno o ping VLAN Po rt C o nfig ure screen (
Section 27.3.3 on page 269) to apply a different
DHCP option 82 profile to certain ports in a VLAN.
27.2 DHC P Sno o ping
Use this screen to look at various statistics about the DHCP snooping database.
To open this screen, click Adva nc e d Applic a tio n > IP Sourc e Gua rd > IPv4 So urc e G ua rd Se tup > DHC P
Sno o ping .
To Next Page
Loading...
Need help?
General
