beautypg.com

Ip dhcp snooping information option – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 269

background image

Brocade 6910 Ethernet Access Switch Configuration Guide

213

53-1002651-02

10

DHCP Snooping

If a DHCP packet from a client passes the filtering criteria above, it will only be forwarded
to trusted ports in the same VLAN.

If a DHCP packet is from server is received on a trusted port, it will be forwarded to both
trusted and untrusted ports in the same VLAN.

If the DHCP snooping is globally disabled, all dynamic bindings are removed from the binding
table.

Additional considerations when the switch itself is a DHCP client – The port(s) through which
the switch submits a client request to the DHCP server must be configured as trusted (using
the

ip dhcp snooping trust

command). Note that the switch will not add a dynamic entry for

itself to the binding table when it receives an ACK message from a DHCP server. Also, when the
switch sends out DHCP client packets for itself, no filtering takes place. However, when the
switch receives any messages from a DHCP server, any packets received from untrusted ports
are dropped.

Example
This example enables DHCP snooping globally for the switch.

Console(config)#ip dhcp snooping

Console(config)#

Related Commands

“ip dhcp snooping vlan”

on page 216

“ip dhcp snooping trust”

on page 218

ip dhcp snooping information option

This command enables the use of DHCP Option 82 information for the switch, and specifies the
frame format to use for the remote-id when Option 82 information is generated by the switch. Use
the no form without any keywords to disable this function, the no form with the encode no-subtype
keyword to enable use of sub-type and sub-length in CID/RID fields, or the no form with the
remote-id keyword to set the remote ID to the switch’s MAC address encoded in hexadecimal.

Syntax

ip dhcp snooping information option

[encode no-subtype] [remote-id {ip-address [encode {ascii | hex}] |
mac-address [encode {ascii | hex}] | string string}]

no ip dhcp snooping information option [encode no-subtype]

[remote-id [ip-address encode] | [mac-address encode]]

encode no-subtype - Disables use of sub-type and sub-length fields in circuit-ID (CID) and
remote-ID (RID) in Option 82 information.

mac-address - Inserts a MAC address in the remote ID sub-option for the DHCP snooping
agent (that is, the MAC address of the switch’s CPU).

ip-address - Inserts an IP address in the remote ID sub-option for the DHCP snooping
agent (that is, the IP address of the management interface).

encode - Indicates encoding in ASCII or hexadecimal.

string - An arbitrary string inserted into the remote identifier field. (Range: 1-32 characters)