H3C Technologies H3C S7500E Series Switches User Manual

Page 70

Advertising
background image

6-5

To do…

Use the command…

Remarks

Enter system view

system-view

Create a DHCP server group and

add a server into the group

dhcp relay server-group group-id ip

ip-address

Required

Not created by default.

Enter interface view

interface interface-type

interface-number

Correlate the DHCP server group

with the current interface

dhcp relay server-select group-id

Required

By default, no interface is

correlated with any DHCP

server group.

z

You can specify up to twenty DHCP server groups on the relay agent and up to eight DHCP server

addresses for each DHCP server group.

z

The IP addresses of DHCP servers and those of relay agent’s interfaces cannot be on the same

subnet. Otherwise, the client cannot obtain an IP address.

z

A DHCP server group can correlate with one or multiple DHCP relay agent interfaces, while a

relay agent interface can only correlate with one DHCP server group. Using the dhcp relay

server-select command repeatedly overwrites the previous configuration. However, if the

specified DHCP server group does not exist, the interface still uses the previous correlation.

z

The group-id argument in the dhcp relay server-select command is configure by using the dhcp

relay server-group command.

Configuring the DHCP Relay Agent Security Functions

Creating static bindings and enabling IP address check

For avoidance of invalid IP address configuration, you can configure the DHCP relay agent to check

whether a requesting client’s IP and MAC addresses match a binding (dynamic or static) on the DHCP

relay agent.

With this feature enabled, the DHCP relay agent can dynamically record clients’ IP-to-MAC bindings

after clients get IP addresses. It also supports static bindings, that is, you can manually configure

IP-to-MAC bindings on the DHCP relay agent, so that users can access external networks using fixed

IP addresses.

Upon receiving an ARP packet, the DHCP relay agent matches the sender’s IP and MAC addresses in

the packet against the bindings (both dynamic and static). If no match is found, the DHCP relay agent

does not learn the ARP entry, and thus the sending host cannot access external networks via the

DHCP relay agent.

Follow these steps to create a static binding and enable IP address check:

Advertising
This manual is related to the following products:

H3C S5800 Series Switches, H3C S5120 Series Switches, H3C WA2600 Series WLAN Access Points, H3C WA2200 Series WLAN Access Points

Popular Brands
Popular manuals