37-9
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 37 Configuring DHCP Snooping
Configuring DHCP Snooping
Configuring DHCP Snooping
These sections describe how to configure DHCP snooping:
• Enabling DHCP Snooping Globally, page 37-9
• Enabling DHCP Option-82 Data Insertion, page 37-10
• Enabling the DHCP Option-82 on Untrusted Port Feature, page 37-10
• Enabling DHCP Snooping MAC Address Verification, page 37-11
• Enabling DHCP Snooping on VLANs, page 37-12
• Configuring the DHCP Trust State on Layer 2 LAN Interfaces, page 37-13
• Configuring DHCP Snooping Rate Limiting on Layer 2 LAN Interfaces, page 37-14
• Configuring the DHCP Snooping Database Agent, page 37-14
• Configuration Examples for the Database Agent, page 37-15
• Displaying a Binding Table, page 37-18
Enabling DHCP Snooping Globally
Note Configure this command as the last configuration step (or enable the DHCP feature during a scheduled
maintenance period) because after you enable DHCP snooping globally, the router drops DHCP requests
until you configure the ports.
To enable DHCP snooping globally, perform this task:
This example shows how to enable DHCP snooping globally:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip dhcp snooping
Router(config)# do show ip dhcp snooping | include Switch
Switch DHCP snooping is enabled
Router(config)#
Note When DHCP snooping is disabled and DAI is enabled, the switch shuts down all the hosts because all
ARP entries in the ARP table will be checked against a nonexistent DHCP database. When DHCP
snooping is disabled or in non-DHCP environments, use ARP ACLs to permit or to deny ARP packets.
Command Purpose
Step 1
Router(config)# ip dhcp snooping
Enables DHCP snooping globally.
Router(config)# no ip dhcp snooping
Disables DHCP snooping.
Step 2
Router(config)# do show ip dhcp snooping |
include Switch
Verifies the configuration.
To Next Page
Loading...
Need help?
General
