beautypg.com

Disabling the learning of dhcpv6 clients on a port, Clearing the dhcpv6 binding database, Displaying dhcpv6 snooping status and ports – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 358

background image

Enabling trust on a port connected to a DHCPv6 server

The default trust setting for a port is untrusted. To enable trust on a port connected to a DHCPv6
server, enter commands such as the following.

device(config)#interface ethernet 1/1

device(config-if-e10000-1/1)#dhcp6 snooping trust

Port 1/1 is connected to a DHCPv6 server. The commands change the CLI to the interface
configuration level of port 1/1 and set the trust setting of port 1/1 to trusted.

Syntax: no dhcp6 snooping trust

Disabling the learning of DHCPv6 clients on a port

You can disable DHCPv6 client learning on an individual port. To do so, enter commands such as the
following.

device(config)#interface ethernet 1/1

device(config-if-e10000-1/1)#dhcp6 snooping client-learning disable

Syntax: no dhcp6 snooping client-learning disable

Use the no form of the command to re-enable DHCPv6 client learning on a port once it has been
disabled.

Clearing the DHCPv6 binding database

You can clear the DHCPv6 binding database using the CLI command clear ipv6 dhcp6 snooping .
You can remove all entries in the database, or remove entries for a specific IP address only.

To remove all entries from the DHCPv6 binding database, enter the clear ipv6 dhcp6 snooping
command.

device#clear ipv6 dhcp6 snooping

Syntax: clear ipv6 dhcp6 snooping

To clear the DHCPv6 bindings in the database that belong to a specific IPv6 address, enter the clear
ipv6 dhcp6 snooping ipv6-address command.

device#clear ipv6 dhcp6 snooping 2001::2

Syntax: clear ipv6 dhcp6 snooping ipv6-address

Displaying DHCPv6 snooping status and ports

To view DHCPv6 snooping status and ports, enter the show ipv6 dhcp6 snooping vlan vlan-id
command. The following is an example of the output.

Brocade# show ipv6 dhcp6 snooping

IP dhcpv6 snooping enabled on 1 VLANS(s):

VLAN:10

Brocade# show ipv6 dhcp6 snooping vlan 10

IP dhcpv6 snooping VLAN 10: Enabled

Trusted Ports: ethe 1/1/1

Untrusted Ports: ethe 1/1/2 ethe 1/1/3

Syntax: show ipv6 dhcp6 snooping

Enabling trust on a port connected to a DHCPv6 server

358

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

See also other documents in the category Brocade Computer Accessories: