dhcp-snooping

Syntax 

dhcp-snooping [authorized-server | database | max-bindings | option | 
rate-limit | trust | verify | vlan]
no dhcp-snooping [authorized-server | database | max-bindings | option |  
rate-limit | trust | verify | vlan]
authorized-server

Specifies the IP address of a trusted DHCP server. If no authorized servers are configured, all DHCP server addresses are considered valid. Maximum: 20 authorized servers.

database

Specifies a URL location for the lease database in the format tftp://ip-addr/ascii-string. The maximum number of characters for the URL is 63.

max bindings

Sets the maximum number of DHCP bindings allowed.

option

Adds the relay information option (Option 82) to DHCP client packets that are being forwarded out trusted ports. The default is yes, add relay information.

rate-limit

Configures the DHCP packet transfer rate in pps for dhcp-snooping.

trust

Configures trusted ports. Only server packets received on trusted ports are forwarded. Default: untrusted.

verify

Enables DHCP packet validation. The DHCP client hardware address field and the source MAC address must be the same for packets received on untrusted ports or the packet is dropped. Default: Yes.

vlan

Enables DHCP snooping on a vlan. DHCP snooping must be enabled already. Default: No.

To display the DHCPv4 snooping configuration, enter this command: 
switch(config)# show dhcp-snooping
The following figure shows sample output.
Show dhcp-snooping
To display statistics about the DHCPv4 snooping process, enter this command: 
switch(config)# show dhcp-snooping stats
The following figure shows sample output.
Show dhcp-snooping statistics