Dhcp snooping configuration, Dhcp snooping configuration" on – LevelOne GTL-2691 User Manual
Page 399
C
HAPTER
13
| Security Measures
DHCP Snooping
– 399 –
DHCP packets, keep the existing information, or replace it with the
switch’s relay information.
DHCP S
NOOPING
C
ONFIGURATION
Use the IP Service > DHCP > Snooping (Configure Global) page to enable
DHCP Snooping globally on the switch, or to configure MAC Address
Verification.
CLI R
EFERENCES
◆
P
ARAMETERS
These parameters are displayed:
◆
DHCP Snooping Status – Enables DHCP snooping globally.
(Default: Disabled)
◆
DHCP Snooping MAC-Address Verification – Enables or disables
MAC address verification. If the source MAC address in the Ethernet
header of the packet is not same as the client's hardware address in the
DHCP packet, the packet is dropped. (Default: Enabled)
◆
DHCP Snooping Information Option Status – Enables or disables
DHCP Option 82 information relay. (Default: Disabled)
◆
DHCP Snooping Information Option Sub-option Format – Enables
or disables use of sub-type and sub-length fields in circuit-ID (CID) and
remote-ID (RID) in Option 82 information. (Enabled)
◆
DHCP Snooping Information Option Policy – Specifies how to
handle DHCP client request packets which already contain Option 82
information.
■
Drop – Drops the client’s request packet instead of relaying it.
■
Keep – Retains the Option 82 information in the client request, and
forwards the packets to trusted ports.
■
Replace – Replaces the Option 82 information circuit-id and
remote-id fields in the client’s request with information about the
relay agent itself, inserts the relay agent’s address (when DHCP
snooping is enabled), and forwards the packets to trusted ports.
(This is the default policy.)
W
EB
I
NTERFACE
To configure global settings for DHCP Snooping:
1.
Click Security, IP Source Guard, DHCP Snooping.
2.
Select Configure Global from the Step list.
3.
Select the required options for the general DHCP snooping process and
for the DHCP Option 82 information policy.