Dhcp snooping support for option 82, Dhcp snooping configuration task list, Dhcp snooping support for option 82 -26 – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 221: Dhcp snooping configuration task list -26, Table 26-8

Advertising
background image

26-26

Table 26-8 Roles of ports

Device

Untrusted port

Trusted port disabled from

recording binding entries

Trusted port enabled to

record binding entries

Switch A

Ethernet 1/1

Ethernet 1/3

Ethernet 1/2

Switch B

Ethernet 1/3 and Ethernet 1/4

Ethernet 1/1 Ethernet

1/2

Switch C

Ethernet 1/1

Ethernet 1/3 and Ethernet 1/4

Ethernet 1/2

DHCP Snooping Support for Option 82

Option 82 records the location information of the DHCP client. The administrator can locate the DHCP

client to further implement security control and accounting. For more information, refer to

Introduction to

Option 82

.

If DHCP snooping supports Option 82, it will handle a client’s request according to the contents defined

in Option 82, if any. The handling strategies are described in the table below.

If a reply returned by the DHCP server contains Option 82, the DHCP snooping device will remove the

Option 82 before forwarding the reply to the client. If the reply contains no Option 82, the DHCP

snooping device forwards it directly.

If a client’s requesting

message has…

Handling

strategy

The DHCP snooping device will…

Drop

Drop the message.

Keep

Forward the message without changing Option 82.

Option 82

Replace

Forward the message after replacing the original Option 82
with the Option 82 padded in normal format.

no Option 82

Forward the message after adding the Option 82 padded in
normal format.

DHCP Snooping Configuration Task List

Complete the following tasks to configure DHCP snooping:

Task

Remarks

Enabling DHCP Snooping

Required

By default, DHCP snooping is disabled.

Configuring DHCP Snooping
Functions on an Interface

Required

Specify an interface as trusted and configure DHCP snooping to support
Option 82.

By default, an interface is untrusted and DHCP snooping does not support
Option 82.

You need to specify the ports connected to the authorized DHCP servers as
trusted to ensure that DHCP clients can obtain valid IP addresses. The trusted
port and the port connected to the DHCP client must be in the same VLAN.

Displaying Clients' IP-to-MAC
Bindings

Optional

Display clients' IP-to-MAC bindings recorded by DHCP snooping.

Advertising
This manual is related to the following products:

H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module

Popular Brands
Popular manuals