beautypg.com

Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1434

background image

DHCP Snooping Introduction and Configuration

Software Reference for x310 Series Switches

55.12

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

Configure ARP security

18.

awplus(config)#

interface <vid-list>

Enter Interface Configuration mode for the
VLANs to enable ARP security on.

Default: disabled

19.

awplus(config-if)#

arp security

Enable ARP security on particular VLANs if
required. On untrusted ports, ARP security
forwards ARP packets that have a source IP
address and MAC address matching a dynamic
entry in the DHCP snooping database, or an IP
address matching a static entry. It drops other
ARP packets, and treats them as ARP security
violations.

Default: disabled

20.

awplus(config-if)#

exit

Return to Global Configuration mode.

Configure DHCP Relay Agent Option 82

21.

awplus(config)#

no ip dhcp snooping agent-option

If you do not want the switch to insert DHCP
Relay Agent Option 82 information into DHCP
packets received on untrusted ports, or to
remove this information from DHCP packets
transmitted on untrusted ports, disable the
DHCP Relay Agent Option 82 agent option.

Default: enabled if DHCP snooping is enabled.

22.

awplus(config)#

ip dhcp snooping agent-option allow-

untrusted

If there are edge switches that add the DHCP
Relay Agent Option 82 information to DHCP
packets, and that are connected to untrusted
ports on this switch, you may wish to enable this
switch to forward these packets, and the
associated DHCP reply packets, without
changing the DHCP Relay Agent Option 82
information in them.

Default: disabled.

23.

awplus(config)#

interface <port-list>

Enter Interface Configuration mode for one or
more ports to add a Subscriber ID for.

24.

awplus(config-if)#

ip dhcp snooping subscriber-id [

id>]

Add the Subscriber ID for these ports. The
Subscriber ID is included in DHCP Relay Agent
Option 82 information.

Default: no Subscriber ID.

25.

awplus(config)#

interface <interface-list>

Enter Interface Configuration mode for one or
more VLANs to add a Circuit ID for.

Table 55-2: General configuration procedure for DHCP snooping(cont.)

See also other documents in the category Allied Telesis Computer hardware: