Dell POWEREDGE M1000E User Manual

826

Snooping and Inspecting Traffic

To configure the switch:

1 Enable DHCP snooping on VLAN 100.

console#config

console(config)#ip dhcp snooping vlan 100

2 Configure LAG 1, which includes ports 21-24, as a trusted port. All other

interfaces are untrusted by default.

console(config)#interface port-channel 1

console(config-if-Po1)#ip dhcp snooping trust

console(config-if-Po1)#exit

3 Enter interface configuration mode for all untrusted interfaces (ports 1-

20) and limit the number of DHCP packets that an interface can receive

to 100 packets per second. LAG 1 is a trusted port and keeps the default

value for rate limiting (unlimited).

console(config)#interface range gi1/0/1-20

console(config-if)#ip dhcp snooping limit rate 100

console(config-if)#exit

4 Specify that the DHCP snooping database is to be stored remotely in a file

called dsDb.txt on a TFTP server with and IP address of 10.131.11.1.

console(config)#ip dhcp snooping database

tftp://10.131.11.1/dsDb.txt

console(config)#exit

5 Enable DHCP snooping for the switch

console(config)#ip dhcp snooping

6 View DHCP snooping information.

console#show ip dhcp snooping

DHCP snooping is Enabled

DHCP snooping source MAC verification is enabled

DHCP snooping is enabled on the following VLANs:

100

Interface Trusted Log Invalid Pkts

----------- ---------- ----------------