dhcp-snooping
Syntax
dhcp-snooping [authorized-server | database | max-bindings | option |
rate-limit | trust | verify | vlan]
no dhcp-snooping [authorized-server | database | max-bindings | option |
rate-limit | trust | verify | vlan]
- authorized-server
Specifies the IP address of a trusted DHCP server. If no authorized servers are configured, all DHCP server addresses are considered valid. Maximum: 20 authorized servers.
- database
Specifies a URL location for the lease database in the format
tftp://ip-addr/ascii-string
. The maximum number of characters for the URL is 63.- max bindings
Sets the maximum number of DHCP bindings allowed.
- option
Adds the relay information option (Option 82) to DHCP client packets that are being forwarded out trusted ports. The default is
yes
, add relay information.- rate-limit
Configures the DHCP packet transfer rate in pps for dhcp-snooping.
- trust
Configures trusted ports. Only server packets received on trusted ports are forwarded. Default:
untrusted
.- verify
Enables DHCP packet validation. The DHCP client hardware address field and the source MAC address must be the same for packets received on untrusted ports or the packet is dropped. Default:
Yes
.- vlan
Enables DHCP snooping on a vlan. DHCP snooping must be enabled already. Default:
No
.
switch(config)# show dhcp-snoopingThe following figure shows sample output.
switch(config)# show dhcp-snooping statsThe following figure shows sample output.