Displaying and maintaining the dhcp server, Dhcp snooping configuration task list, Configuring basic dhcp snooping – H3C Technologies H3C S12500 Series Switches User Manual

Page 74

Advertising
background image

61

Table 4 Handling strategies

If a DHCP request

has…

Handling

strategy

DHCP snooping…

Option 82

Drop

Drops the message.

Keep

Forwards the message without changing Option 82.

Replace

Forwards the message after replacing the original Option 82 with
the Option 82 padded according to the configured padding format,

padding content, and code type.

No Option 82

N/A

Forwards the message after adding the Option 82 padded
according to the configured padding format, padding content, and

code type.

72B

DHCP snooping configuration task list

If you configure DHCP snooping settings on a Layer 2 Ethernet interface that has been added to an

aggregation group, the settings do not take effect unless the interface is removed from the aggregation

group.

Tasks at a glance

(Required.)

715H

Configuring basic DHCP snooping

(Optional.)

Configuring Option 82

(Optional.)

717H

Saving DHCP snooping entries

(Optional.)

Enabling DHCP starvation attack protection

(Optional.)

719H

Enabling DHCP-REQUEST attack protection

73B

Configuring basic DHCP snooping

Follow these guidelines when you configure basic DHCP snooping:

Specify the ports connected to authorized DHCP servers as trusted ports to make sure that DHCP
clients can obtain valid IP addresses. The trusted ports and the ports connected to DHCP clients

must be in the same VLAN.

Layer 2 Ethernet interfaces and Layer 2 aggregate interfaces can be specified as trusted ports. For
more information about aggregate interfaces, see Layer 2—LAN Switching Configuration Guide.

If you configure DHCP snooping settings on a Layer 2 Ethernet interface that has been added to an
aggregation group, the settings do not take effect unless the interface is removed from the

aggregation group.

DHCP snooping can work with basic QinQ or flexible QinQ to record VLAN tags for DHCP
packets received from clients. Upon receiving a DHCP packet that has one VLAN tag, QinQ adds

an outer tag to the packet. DHCP snooping records the two VLAN tags of the packet in a DHCP
snooping entry. However, if you configure flexible QinQ to also modify the original VLAN ID of the

packet, DHCP snooping cannot record the VLAN tags. For more information about QinQ, see

Layer 2LAN Switching Configuration Guide.

Advertising
This manual is related to the following products:

H3C SR8800, H3C SR6600-X, H3C SR6600, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S6800 Series Switches, H3C S3100V2 Series Switches, H3C S12500-X Series Switches, H3C S9800 Series Switches

Popular Brands
Popular manuals