Dhcp user class configuration example, Basic dhcp snooping configuration example, Option 82 configuration example – H3C Technologies H3C S12500 Series Switches User Manual
Page 79
66
224B
Basic DHCP snooping configuration example
347B
Network requirements
As shown in
722H
Figure 25
, configure the port GigabitEthernet 3/0/1 connected to the DHCP server as a
trusted port and configure other ports as untrusted ports. Enable DHCP snooping to record clients'
IP-MAC bindings by reading DHCP-ACK messages received from the trusted port and DHCP-REQUEST
messages.
Figure 25 Network diagram
348B
Configuration procedure
# Enable DHCP snooping.
<SwitchB> system-view
[SwitchB] dhcp snooping enable
# Configure GigabitEthernet 3/0/1 as a trusted port.
[SwitchB] interface GigabitEthernet 3/0/1
[SwitchB-GigabitEthernet3/0/1] dhcp snooping trust
[SwitchB-GigabitEthernet3/0/1] quit
# Enable DHCP snooping to record clients' IP-MAC bindings on GigabitEthernet 3/0/2.
[SwitchB] interface GigabitEthernet 3/0/2
[SwitchB-GigabitEthernet3/0/2] dhcp snooping binding record
[SwitchB-GigabitEthernet3/0/2] quit
349B
Verifying the configuration
After the preceding configuration is complete, the DHCP client can obtain an IP address and other
configuration parameters only from the authorized DHCP server. You can view the DHCP snooping entry
recorded for the client with the display dhcp snooping binding command.
225B
Option 82 configuration example
350B
Network requirements
As shown in
723H
Figure 26
, enable DHCP snooping and configure Option 82 on Switch B as follows:
•
Configure the handling strategy for DHCP requests containing Option 82 as replace.
•
On GigabitEthernet 3/0/2, configure the padding content for the circuit ID sub-option as
company001 and for the remote ID sub-option as device001.
GE3/0/1
Switch A
DHCP server
Switch B
DHCP snooping
GE3/0/2
GE3/0/3
DHCP client
Unauthorized
DHCP server