Dhcp user class configuration example, Basic dhcp snooping configuration example, Option 82 configuration example – H3C Technologies H3C S12500 Series Switches User Manual

66

224B

Basic DHCP snooping configuration example

347B

Network requirements

As shown in

722H

Figure 25

, configure the port GigabitEthernet 3/0/1 connected to the DHCP server as a

trusted port and configure other ports as untrusted ports. Enable DHCP snooping to record clients'

IP-MAC bindings by reading DHCP-ACK messages received from the trusted port and DHCP-REQUEST
messages.

Figure 25 Network diagram

348B

Configuration procedure

# Enable DHCP snooping.

<SwitchB> system-view

[SwitchB] dhcp snooping enable

# Configure GigabitEthernet 3/0/1 as a trusted port.

[SwitchB] interface GigabitEthernet 3/0/1

[SwitchB-GigabitEthernet3/0/1] dhcp snooping trust

[SwitchB-GigabitEthernet3/0/1] quit

# Enable DHCP snooping to record clients' IP-MAC bindings on GigabitEthernet 3/0/2.

[SwitchB] interface GigabitEthernet 3/0/2

[SwitchB-GigabitEthernet3/0/2] dhcp snooping binding record

[SwitchB-GigabitEthernet3/0/2] quit

349B

Verifying the configuration

After the preceding configuration is complete, the DHCP client can obtain an IP address and other

configuration parameters only from the authorized DHCP server. You can view the DHCP snooping entry

recorded for the client with the display dhcp snooping binding command.

225B

Option 82 configuration example

350B

Network requirements

As shown in

723H

Figure 26

, enable DHCP snooping and configure Option 82 on Switch B as follows:

•

Configure the handling strategy for DHCP requests containing Option 82 as replace.

•

On GigabitEthernet 3/0/2, configure the padding content for the circuit ID sub-option as
company001 and for the remote ID sub-option as device001.

GE3/0/1

Switch A

DHCP server

Switch B

DHCP snooping

GE3/0/2

GE3/0/3

DHCP client

Unauthorized

DHCP server