How dhcp snooping works, System reboot and the binding database, Configuring dhcp snooping – Brocade BigIron RX Series Configuration Guide User Manual

BigIron RX Series Configuration Guide

1089

53-1002484-04

DHCP snooping

36

How DHCP snooping works

When enabled on a VLAN, DHCP snooping stands between untrusted ports (those connected to
host ports) and trusted ports (those connected to DHCP servers). A VLAN with DHCP snooping
enabled forwards DHCP request packets from clients and discards DHCP server reply packets on
untrusted ports, and it forwards DHCP server reply packets on trusted ports to DHCP clients, as
shown in the following figures.

FIGURE 144

DHCP snooping at Work - on untrusted port

FIGURE 145

DHCP snooping at Work - on trusted port

System reboot and the binding database

To allow DAI and DHCP snooping to work smoothly across a system reboot, the binding database is
saved to a file in the system flash memory after the user issues the "reload" command. DHCP
learnt entries are written to the system flash memory before the router reboots. The flash file is
written and read only if DHCP snooping is enabled.

Configuring DHCP snooping

Configuring DHCP snooping consists of the following steps.

Brocade Device

Trusted

Un trusted

reply packet

DHCP server

DHCP

Server

Snooping

DHCP

request packet

DHCP client

DHCP
Client

Brocade Device

DHCP server

reply packet

Trusted

Untrusted

DHCP

Server

DHCP

Snooping