Dell POWEREDGE M1000E User Manual

22-13

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide

OL-13270-03

Chapter 22 Configuring DHCP Features and IP Source Guard

Configuring DHCP Features

To disable DHCP snooping, use the no ip dhcp snooping global configuration command. To disable
DHCP snooping on a VLAN or range of VLANs, use the no ip dhcp snooping vlan vlan-range global
configuration command. To disable the insertion and removal of the option-82 field, use the no ip dhcp
snooping information option global configuration command. To configure an aggregation switch to
drop incoming DHCP snooping packets with option-82 information from an edge switch, use the no ip
dhcp snooping information option allow-untrusted global configuration command.

Step 6

ip dhcp snooping information option
allow-untrusted

(Optional) If the switch is an aggregation switch connected to an edge
switch, enable the switch to accept incoming DHCP snooping packets
with option-82 information from the edge switch.

The default setting is disabled.

Note

Enter this command only on aggregation switches that are
connected to trusted devices.

Step 7

interface interface-id

Specify the interface to be configured, and enter interface configuration
mode.

Step 8

ip dhcp snooping vlan vlan information
option format-type circuit-id string
ASCII-string

(Optional) Configure the circuit-ID suboption for the specified interface.

Specify the VLAN and port identifier, using a VLAN ID in the range of 1
to 4094. The default circuit ID is the port identifier, in the format
vlan-mod-port.

You can configure the circuit ID to be a string of 3 to 63 ASCII characters
(no spaces).

Step 9

ip dhcp snooping trust

(Optional) Configure the interface as trusted or untrusted. You can use
the no keyword to configure an interface to receive messages from an
untrusted client. The default setting is untrusted.

Step 10

ip dhcp snooping limit rate rate

(Optional) Configure the number of DHCP packets per second that an
interface can receive. The range is 1 to 2048. By default, no rate limit is
configured.

Note

We recommend an untrusted rate limit of not more than 100
packets per second. If you configure rate limiting for trusted
interfaces, you might need to increase the rate limit if the port is
a trunk port assigned to more than one VLAN on which DHCP
snooping is enabled.

Step 11

exit

Return to global configuration mode.

Step 12

ip dhcp snooping verify mac-address

(Optional) Configure the switch to verify that the source MAC address in
a DHCP packet that is received on untrusted ports matches the client
hardware address in the packet. The default is to verify that the source
MAC address matches the client hardware address in the packet.

Step 13

end

Return to privileged EXEC mode.

Step 14

show running-config

Verify your entries.

Step 15

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Command

Purpose