The documentation for HP’s DCHP-snooping is limited, but there is a rather good description to be found in the firmware documentation (beginning from page 80).
There are several ways in which DHCP-snooping can work, in this example I’ll use a simple, port-based configuration.
SomeCoolSwitch# config
SomeCoolSwitch(config)# dhcp-snooping
SomeCoolSwitch(config)# dhcp-snooping vlan 1
SomeCoolSwitch(config)# interface 26
SomeCoolSwitch(eth-49)# dhcp-snooping trust
SomeCoolSwitch(eth-49)# exit
SomeCoolSwitch(config)# write mem
The command “dhcp-snooping” will globally enable DHCP-snooping. You will have to enable DHCP-snooping on certain VLANs to make it work. When enabled on a VLAN, all ports of the switch will be (by default) untrusted, in this example I set “interface 26″ to be the trusted switchport. When implementing into a larger network, uplink ports or trunks will have to be trusted.
No comments:
Post a Comment