Configuring DHCP Features
Command
Step 5
ip dhcp snooping information option
format remote-id [string ASCII-string |
hostname]
Step 6
ip dhcp snooping information option
allow-untrusted
Step 7
interface interface-id
Step 8
ip dhcp snooping vlan vlan information
option format-type circuit-id string
ASCII-string
Step 9
ip dhcp snooping trust
Step 10
ip dhcp snooping limit rate rate
Step 11
exit
Step 12
ip dhcp snooping verify mac-address
Step 13
end
Step 14
show running-config
Step 15
copy running-config startup-config
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
20-12
Chapter 20
Purpose
(Optional) Configure the remote-ID suboption.
You can configure the remote ID to be:
String of up to 63 ASCII characters (no spaces)
•
Configured hostname for the switch
•
If the hostname is longer than 63 characters, it is truncated to 63
Note
characters in the remote-ID configuration.
The default remote ID is the switch MAC address.
(Optional) If the switch is an aggregation switch connected to an edge
switch, enable the switch to accept incoming DHCP snooping packets
with option-82 information from the edge switch.
The default setting is disabled.
Enter this command only on aggregation switches that are
Note
connected to trusted devices.
Specify the interface to be configured, and enter interface configuration
mode.
(Optional) Configure the circuit-ID suboption for the specified interface.
Specify the VLAN and port identifier, using a VLAN ID in the range of 1
to 4094. The default circuit ID is the port identifier, in the format
vlan-mod-port.
You can configure the circuit ID to be a string of 3 to 63 ASCII characters
(no spaces).
(Optional) Configure the interface as trusted or untrusted. You can use the
no keyword to configure an interface to receive messages from an
untrusted client. The default setting is untrusted.
(Optional) Configure the number of DHCP packets per second that an
interface can receive. The range is 1 to 2048. By default, no rate limit is
configured.
We recommend an untrusted rate limit of not more than 100
Note
packets per second. If you configure rate limiting for trusted
interfaces, you might need to increase the rate limit if the port is
a trunk port assigned to more than one VLAN on which DHCP
snooping is enabled.
Return to global configuration mode.
(Optional) Configure the switch to verify that the source MAC address in
a DHCP packet that is received on untrusted ports matches the client
hardware address in the packet. The default is to verify that the source
MAC address matches the client hardware address in the packet.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Configuring DHCP Features and IP Source Guard
OL-8915-03