11-7
Configuring Advanced Threat Protection
DHCP Snooping
Enabling DHCP Snooping on VLANS
DHCP snooping on VLANs is disabled by default. To enable DHCP snooping
on a VLAN or range of VLANs enter this command:
HP Switch(config)# dhcp-snooping vlan <vlan-id-range>
You can also use this command in the vlan context, in which case you cannot
enter a range of VLANs for snooping.
Below is an example of DHCP snooping enabled on VLAN 4.
Figure 11-3. Example of DCHP Snooping on a VLAN
Configuring DHCP Snooping Trusted Ports
By default, all ports are untrusted. To configure a port or range of ports as
trusted, enter this command:
HP Switch(config)# dhcp-snooping trust <port-list>
You can also use this command in the interface context, in which case you are
not able to enter a list of ports.
HP Switch(config)# dhcp-snooping vlan 4
HP Switch(config)# show dhcp-snooping
DHCP Snooping Information
DHCP Snooping : Yes
Enabled Vlans : 4
Verify MAC : Yes
Option 82 untrusted policy : drop
Option 82 Insertion : Yes
Option 82 remote-id : mac
To Next Page
Loading...
Need help?
General