Dhcp snooping support for option 82 – H3C Technologies H3C S5560 Series Switches User Manual

70

Figure 26 Trusted and untrusted ports

In a cascaded network as shown in

Figure 27

, to save system resources, you can enable only the

untrusted ports directly connected to the DHCP clients to record DHCP snooping entries.

Figure 27 Trusted and untrusted ports in a cascaded network

DHCP snooping support for Option 82

Option 82 records the location information about the DHCP client so the administrator can locate the

DHCP client for security and accounting purposes. For more information about Option 82, see "

Relay

agent option (Option 82)

."

DHCP snooping uses the same strategies as the DHCP relay agent to handle Option 82 for DHCP

request messages, as shown in

Table 4

. If a response returned by the DHCP server contains Option 82,

DHCP snooping removes Option 82 before forwarding the response to the client. If the response contains
no Option 82, DHCP snooping forwards it directly.

DHCP snooping

Switch A

DHCP snooping

Switch C

DHCP client

Host D

DHCP client

Host C

DHCP client

Host B

DHCP server

Device

DHCP snooping

Switch B

GE1/0/4

GE1/0/2

GE1/0/3

GE1/0/1

GE1/0/2

GE1/0/3

GE1/0/4

GE1/0/2

GE1/0/1

GE1/0/3

GE1/0/1

DHCP client

Host A

GE1/0/1

Untrusted ports enabled to record snooping entries

Untrusted ports disabled from recording snooping entries

Trusted ports