DHCP snooping configuration example
Network requirements
As shown in Figure 38, Switch B is connected to a DHCP server through GigabitEthernet 1/0/1, and to two DHCP clients through GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3. GigabitEthernet 1/0/1 forwards DHCP server responses while the other two do not.
Switch B records clients' IP-to-MAC address bindings in DHCP-REQUEST messages and DHCP-ACK messages received from trusted ports.
Figure 38: Network diagram
Configuration procedure
# Enable DHCP snooping.
<SwitchB> system-view [SwitchB] dhcp-snooping
# Specify GigabitEthernet 1/0/1 as trusted.
[SwitchB] interface GigabitEthernet 1/0/1 [SwitchB-GigabitEthernet1/0/1] dhcp-snooping trust [SwitchB-GigabitEthernet1/0/1] quit