dhcpv4-snooping authorized-server

Syntax

dhcpv4-snooping authorized-server <IPV4-ADDR> [vrf <VRF-NAME>]

no dhcpv4-snooping authorized-server <IPV4-ADDR> [vrf <VRF-NAME>]

Description

Adds an authorized (trusted) DHCP server to a list of authorized servers for use by DHCPv4 snooping. This command can be issued multiple times, adding a maximum of 20 authorized servers per VRF. By default, with an empty list of authorized servers, all DHCP servers are considered to be trusted for DHCPv4 snooping purposes.
NOTE:

The mgmt VRF cannot be used with this command.

The no form of this command deletes the specified DHCP server from the authorized list.

Command context

config

Parameters

<IPV4-ADDR>

Specifies the IPv4 address of the trusted DHCPv4 server.

vrf <VRF-NAME>

Specifies the VRF name. The name can be default or a configured VRF instance but it cannot be mgmt.

Authority

Administrators or local user group members with execution rights for this command.

Usage

For authorized server lookup, the VRF is derived from the Switch Virtual Interface (SVI) configured for the incoming VLAN. If the SVI is not configured, the default VRF is assumed.

Examples

Adding DHCP servers 192.168.2.2, 192.168.2.3, and 192.168.2.10 to the authorized server list:

switch(config)# dhcpv4-snooping authorized-server 192.168.2.2
switch(config)# dhcpv4-snooping authorized-server 192.168.2.3 vrf default
switch(config)# dhcpv4-snooping authorized-server 192.168.2.10 vrf default

Removing DHCP server 192.168.2.3 from the authorized server list:

switch(config)# no dhcpv4-snooping authorized-server 192.168.2.3 vrf default