2-152
Catalyst 3560 Switch Command Reference
78-16405-05
Chapter 2 Catalyst 3560 Switch Cisco IOS Commands
ip dhcp snooping verify
ip dhcp snooping verify
Use the ip dhcp snooping verify global configuration command to configure the switch to verify on an
untrusted port that the source MAC address in a DHCP packet matches the client hardware address. Use
the no form of this command to configure the switch to not verify the MAC addresses.
ip dhcp snooping verify mac-address
no ip dhcp snooping verify mac-address
Syntax Description This command has no arguments or keywords.
Defaults The switch verifies the source MAC address in a DHCP packet that is received on untrusted ports
matches the client hardware address in the packet.
Command Modes Global configuration
Command History
Usage Guidelines In a service-provider network, when a switch receives a packet from a DHCP client on an untrusted port,
it automatically verifies that the source MAC address and the DHCP client hardware address match. If
the addresses match, the switch forwards the packet. If the addresses do not match, the switch drops the
packet.
Examples This example shows how to disable the MAC address verification:
Switch(config)# no ip dhcp snooping verify mac-address
You can verify your settings by entering the show ip dhcp snooping privileged EXEC command.
Related Commands
Release Modification
12.2(20)SE This command was introduced.
Command Description
show ip dhcp snooping Displays the DHCP snooping configuration.
To Next Page
Loading...
Need help?
General