Enabling Dhcp Snooping And Option 82 - Cisco 2950 - Catalyst Switch Configuration Manual
Software configuration guide
Hide thumbs
Also See for 2950 - Catalyst Switch:
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages) ,
- Software manual (376 pages)
Table of Contents
Advertisement
Chapter 20
Configuring DHCP Features
Enabling DHCP Snooping and Option 82
Beginning in privileged EXEC mode, follow these steps to enable DHCP snooping on the switch.
Command
Step 1
configure terminal
Step 2
ip dhcp snooping
Step 3
ip dhcp snooping vlan vlan-range
Step 4
ip dhcp snooping information option
Step 5
interface interface-id
Step 6
ip dhcp snooping trust
Step 7
ip dhcp snooping limit rate rate
Step 8
end
Step 9
show running-config
Step 10
copy running-config startup-config
To disable DHCP snooping, use the no ip dhcp snooping global configuration command. To disable
DHCP snooping on a VLAN or range of VLANs, use the no ip dhcp snooping vlan vlan-id global
configuration command. To disable the insertion and removal of the option-82 field, use the no ip dhcp
snooping information option global configuration command.
This example shows how to enable DHCP snooping globally and on VLAN 10 and to configure a rate
limit of 100 packets per second on Fast Ethernet port 0/1:
Switch(config)# ip dhcp snooping
Switch(config)# ip dhcp snooping vlan 10
Switch(config)# ip dhcp snooping information option
Switch(config)# interface fastethernet0/1
Switch(config-if)# ip dhcp snooping limit rate 100
78-11380-10
Purpose
Enter global configuration mode.
Enable DHCP snooping globally.
Enable DHCP snooping on a VLAN or range of VLANs. The range is 1
to 4094.
You can enter a single VLAN ID identified by VLAN ID number, a series
of VLAN IDs separated by commas, a range of VLAN IDs separated by
hyphens, or a range of VLAN IDs separated by entering the starting and
ending VLAN IDs separated by a space.
Enable the switch to insert and remove DHCP relay information
(option-82 field) in forwarded DHCP request messages to the DHCP
server.
The default is enabled.
Enter interface configuration mode, and specify the interface to be
configured.
(Optional) Configure the interface as trusted or untrusted. You can use the
no keyword to configure an interface to receive messages from an
untrusted client. The default is untrusted.
(Optional) Configure the number of DHCP packets per second than an
interface can receive. The range is 1 to 4294967294. The default is no rate
limit configured.
We recommend an untrusted rate limit of not more than 100
Note
packets per second. If you configure rate limiting for trusted
interfaces, you might need to increase the rate limit if the port is
a trunk port assigned to more than one VLAN on which DHCP
snooping is enabled.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Configuring DHCP Features
20-7
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
