Ip dhcp snooping information policy, Ip dhcp snooping, Information policy – Microsens MS453490M Management Guide User Manual

C

HAPTER

25

| General Security Measures

DHCP Snooping

– 664 –

◆

Use the ip dhcp snooping information option command to specify

how to handle DHCP client request packets which already contain

Option 82 information.

E

XAMPLE

This example enables the DHCP Snooping Information Option.

Console(config)#ip dhcp snooping information option

Console(config)#

ip dhcp snooping

information policy

This command sets the DHCP snooping information option policy for DHCP

client packets that include Option 82 information.

S

YNTAX

ip dhcp snooping information policy {drop | keep | replace}

drop - Drops the client’s request packet instead of relaying it.
keep - Retains the Option 82 information in the client request, and

forwards the packets to trusted ports.
replace - Replaces the Option 82 information circuit-id and

remote-id fields in the client’s request with information about the

relay agent itself, inserts the relay agent’s address (when DHCP

snooping is enabled), and forwards the packets to trusted ports.

D

EFAULT

S

ETTING

replace

C

OMMAND

M

ODE

Global Configuration

C

OMMAND

U

SAGE

When the switch receives DHCP packets from clients that already include

DHCP Option 82 information, the switch can be configured to set the action

policy for these packets. The switch can either drop the DHCP packets,

keep the existing information, or replace it with the switch’s relay

information.

E

XAMPLE

Console(config)#ip dhcp snooping information policy drop

Console(config)#