Show ip dhcp snooping, Show ip dhcp snooping -18 – SMC Networks SMC TigerAccess SMC7824M/FSW User Manual

C

LIENT

S

ECURITY

C

OMMANDS

22-18

Command Usage

• An untrusted interface is an interface that is configured to receive

messages from outside the network or firewall. A trusted interface is
an interface that is configured to receive only messages from within
the network.

• When DHCP snooping enabled globally using the ip dhcp snooping

command (page 22-11), and enabled on a VLAN with this command,
DHCP packet filtering will be performed on any untrusted ports
within the VLAN according to the default status, or as specifically
configured for an interface with the no ip dhcp snooping trust
command.

• When an untrusted port is changed to a trusted port, all the dynamic

DHCP snooping bindings associated with this port are removed. All
static bindings are retained, but will have no effect unless the port is
changed back to the untrusted state.

• Additional considerations when the switch itself is a DHCP client – The port(s)

through which it submits a client request to the DHCP server must be
configured as trusted.

Example
This example sets port 5 to untrusted.

Related Commands

ip dhcp snooping (22-11)
ip dhcp snooping vlan (22-13)
ip dhcp snooping binding (22-14)

show ip dhcp snooping

This command shows the DHCP snooping configuration settings.

Command Mode

Privileged Exec

Console(config)#interface ethernet 1/5
Console(config-if)#no ip dhcp snooping trust
Console(config-if)#