Ip dhcp snooping information policy, Ip dhcp snooping, Information policy – Microsens MS453490M Management Guide User Manual
Page 664
C
HAPTER
25
| General Security Measures
DHCP Snooping
– 664 –
◆
Use the ip dhcp snooping information option command to specify
how to handle DHCP client request packets which already contain
Option 82 information.
E
XAMPLE
This example enables the DHCP Snooping Information Option.
Console(config)#ip dhcp snooping information option
Console(config)#
ip dhcp snooping
information policy
This command sets the DHCP snooping information option policy for DHCP
client packets that include Option 82 information.
S
YNTAX
ip dhcp snooping information policy {drop | keep | replace}
drop - Drops the client’s request packet instead of relaying it.
keep - Retains the Option 82 information in the client request, and
forwards the packets to trusted ports.
replace - Replaces the Option 82 information circuit-id and
remote-id fields in the client’s request with information about the
relay agent itself, inserts the relay agent’s address (when DHCP
snooping is enabled), and forwards the packets to trusted ports.
D
EFAULT
S
ETTING
replace
C
OMMAND
M
ODE
Global Configuration
C
OMMAND
U
SAGE
When the switch receives DHCP packets from clients that already include
DHCP Option 82 information, the switch can be configured to set the action
policy for these packets. The switch can either drop the DHCP packets,
keep the existing information, or replace it with the switch’s relay
information.
E
XAMPLE
Console(config)#ip dhcp snooping information policy drop
Console(config)#