How dhcp snooping works, Dhcp binding database – Brocade Multi-Service IronWare Switching Configuration Guide (Supporting R05.6.00) User Manual
Page 793
Multi-Service IronWare Switching Configuration Guide
763
53-1003036-02
DHCP snooping
19
NOTE
DHCP Snooping will not dynamically build the ARP Inspection table.
How DHCP snooping works
When enabled on a VLAN, DHCP snooping stands between untrusted ports (those connected to
host ports) and trusted ports (those connected to DHCP servers). A VLAN with DHCP snooping
enabled forwards DHCP request packets from clients and discards DHCP server reply packets on
untrusted ports, and it forwards DHCP server reply packets on trusted ports to DHCP clients, as
shown in the following figures.
FIGURE 194
DHCP snooping at work - on untrusted port
FIGURE 195
DHCP snooping at work - on trusted port
DHCP binding database
On trusted ports, DHCP server reply packets are forwarded to DHCP clients. The DHCP server reply
packets collect client IP to MAC address binding information, which is saved in the DHCP binding
database. This information includes MAC address, IP address, lease time, VLAN number, and port
number.
In the Brocade device configuration, the DHCP binding database is integrated with the enhanced
ARP table, which is used by Dynamic ARP Inspection. For more information, refer to
The lease time will be refreshed when the client renews its IP address with the DHCP server;
otherwise the device removes the entry when the lease time expires.