Thursday, May 7, 2009

DHCP Snooping on HP Procurve

The documentation for HP’s DCHP-snooping is limited, but there is a rather good description to be found in the firmware documentation (beginning from page 80).

There are several ways in which DHCP-snooping can work, in this example I’ll use a simple, port-based configuration.

SomeCoolSwitch# config

SomeCoolSwitch(config)# dhcp-snooping

SomeCoolSwitch(config)# dhcp-snooping vlan 1

SomeCoolSwitch(config)# interface 26

SomeCoolSwitch(eth-49)# dhcp-snooping trust

SomeCoolSwitch(eth-49)# exit

SomeCoolSwitch(config)# write mem

The command “dhcp-snooping” will globally enable DHCP-snooping. You will have to enable DHCP-snooping on certain VLANs to make it work. When enabled on a VLAN, all ports of the switch will be (by default) untrusted, in this example I set “interface 26 to be the trusted switchport. When implementing into a larger network, uplink ports or trunks will have to be trusted.

No comments:

Post a Comment