Block third-party DHCP servers on the Huawei Quidway S2300 (DHCP Snooping)

I will give an example of how on the Huawei Quidway S2300 switch (using the S2326TP-EI as an example) to allow receiving DHCP responses from the uplink port and prohibiting client responses.

First, enable dhcp snooping:

dhcp enable
dhcp snooping enable
dhcp server detect

Let’s enable dhcp snooping in the client vlan:

vlan 226
dhcp snooping enable
quit

And allow DHCP responses from the incoming uplink port:

interface GigabitEthernet0/0/1
dhcp snooping trusted
quit

After that, responses from DHCP servers will be blocked on ports where “dhcp snooping trusted” is not indicated.

Save the configuration:

quit
save config.cfg

You can view the parameters and DHCP clients as follows:

display dhcp snooping global
display dhcp snooping user-bind all

See also my article:
Configuring Huawei Quidway S2326TP-EI

Leave a comment

Leave a Reply

Discover more from IT Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading