13 ip dhcp snooping trust, 14 ip dhcp snooping action, Ip dhcp snooping trust – PLANET WGSW-50040 User Manual

Commands for Security Function Chapter 6 Commands for TACACS+

allowed to access by Port Ethernet1/1 as 5.

Switch(Config-If-Ethernet1/1)# ip dhcp snooping binding user-control max-user 5

Related Command:

ip dhcp snooping binding user-control

16.13 ip dhcp snooping trust

Command:

ip dhcp snooping trust

no ip dhcp snooping trust

Function:

Set or delete the DHCP Snooping trust attributes of a port.

Command Mode:

Port mode

Default Settings:

By default, all ports are non-trusted ports

Usage Guide:

Only when DHCP Snooping is globally enabled, can this command be set. When a port turns into a

trusted port from a non-trusted port, the original defense action of the port will be automatically

deleted; all the security history records will be cleared (except the information in system log).

Example:

Set port ethernet1/1 as a DHCP Snooping trusted port

switch(config)#interface ethernet 1/1

switch(Config- Ethernet 1/1)#ip dhcp snooping trust

16.14 ip dhcp snooping action

Command:

ip dhcp snooping action {shutdown | blackhole} [recovery <second>]

no ip dhcp snooping action

Function:

Set or delete the automatic defense action of a port.

Parameters:

shutdown: When the port detects a fake DHCP Server, it will be shutdown.