C613-16082-00 REV B

www.alliedtelesis.com

AlliedWare

TM

OS

How To |

Introduction

It has increasingly become a legal requirement for service providers to identify which of their
customers were using a specific IP address at a specific time. This means that service
providers must be able to:

z

Know which customer was allocated an IP address at any time.

z

Guarantee that customers cannot avoid detection by spoofing an IP address that was not
actually allocated to them.

These security features provide a traceable history in the event of an official query. Three
components are used to provide this traceable history:

z

DHCP snooping

z

DHCP Option 82

z

DHCP filtering

What information will you find in this document?

This document describes DHCP snooping, DHCP Option 82 and DHCP filtering, and takes
you through step-by-step configuration examples.

With DHCP snooping, an administrator can control port-to-IP connectivity by:

z

permitting port access to specified IP addresses only

z

permitting port access to DHCP issued IP addresses only

z

dictating the number of IP clients on any given port

z

passing location information about an IP client to the DHCP server

z

permitting only known IP clients to ARP

Use DHCP Snooping, Option 82, and Filtering on
AT-9900 and x900-48 Series Switches