C3560 ip dhcp snooping: различия между версиями

Материал из noname.com.ua
Перейти к навигацииПерейти к поиску
Строка 6: Строка 6:
 
* Все в одном Vlan
 
* Все в одном Vlan
 
* <code>ip dhcp snooping trust</code> на порту куда включен сервер
 
* <code>ip dhcp snooping trust</code> на порту куда включен сервер
  +
* Глобально
 
  +
<code>ip dhcp snooping vlan 3003<code>
  +
<code>ip dhcp snooping</code>
 
==Клиентский порт==
 
==Клиентский порт==
 
<PRE>
 
<PRE>
Строка 23: Строка 25:
 
ip dhcp snooping trust
 
ip dhcp snooping trust
 
end
 
end
  +
</PRE>
  +
==<code>sh ip dhcp snooping</code>
  +
<PRE>
  +
sh ip dhcp snooping
  +
Switch DHCP snooping is enabled
  +
DHCP snooping is configured on following VLANs:
  +
3003
  +
DHCP snooping is operational on following VLANs:
  +
3003
  +
Smartlog is configured on following VLANs:
  +
none
  +
Smartlog is operational on following VLANs:
  +
none
  +
DHCP snooping is configured on the following L3 Interfaces:
  +
  +
Insertion of option 82 is enabled
  +
circuit-id default format: vlan-mod-port
  +
remote-id: 0026.5218.4900 (MAC)
  +
Option 82 on untrusted port is not allowed
  +
Verification of hwaddr field is enabled
  +
Verification of giaddr field is enabled
  +
DHCP snooping trust/rate is configured on the following Interfaces:
  +
  +
Interface Trusted Allow option Rate limit (pps)
  +
----------------------- ------- ------------ ----------------
  +
GigabitEthernet0/5 yes yes unlimited
  +
Custom circuit-ids:
 
</PRE>
 
</PRE>

Версия 13:09, 28 ноября 2022

ip dhcp snoopping

Минимальный конфиг - L2

  • Все в одном Vlan
  • ip dhcp snooping trust на порту куда включен сервер
  • Глобально

ip dhcp snooping vlan 3003 ip dhcp snooping

Клиентский порт

interface GigabitEthernet0/7
 switchport access vlan 3003
 switchport mode access
 spanning-tree bpdufilter enable
end

Порт куда включен DHCP Server

interface GigabitEthernet0/5
 switchport access vlan 3003
 switchport mode access
 spanning-tree bpdufilter enable
 ip dhcp snooping trust
end

==sh ip dhcp snooping

sh ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
3003
DHCP snooping is operational on following VLANs:
3003
Smartlog is configured on following VLANs:
none
Smartlog is operational on following VLANs:
none
DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is enabled
   circuit-id default format: vlan-mod-port
   remote-id: 0026.5218.4900 (MAC)
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Verification of giaddr field is enabled
DHCP snooping trust/rate is configured on the following Interfaces:

Interface                  Trusted    Allow option    Rate limit (pps)
-----------------------    -------    ------------    ----------------
GigabitEthernet0/5         yes        yes             unlimited
  Custom circuit-ids: