In this article, I will give an example of configuring DHCP Snooping on Allied Telesis switches
Let’s go to the configuration mode:
configure
Let’s enable DHCP Snooping globally:
ip dhcp snooping
Let’s configure a trusted UPLINK port (so that DHCP server responses can come from it):
interface ethernet g1
ip dhcp snooping trust
Enable DHCP Snooping on the required VLAN:
ip dhcp snooping vlan 983
Done, exit the configuration mode and look at the DHCP table:
exit
show ip dhcp snooping binding
Let’s save the configuration:
copy running-config startup-config
I will give an example of canceling the previously entered commands:
configure
no ip dhcp snooping vlan 983
interface ethernet g1
no ip dhcp snooping trust
exit
no ip dhcp snooping
I will give an example of adding an entry manually (where 983 is the VLAN number):
ip dhcp snooping binding 0000.1111.2222 983 192.168.5.5 ethernet e5
To allow packets with option-82 from untrusted ports use the command:
ip dhcp snooping information option allowed-untrusted
no ip dhcp snooping information option allowed-untrusted
Checking the MAC address in a packet with the client’s hardware MAC address:
ip dhcp snooping verify
no ip dhcp snooping verify
Change the update time of the file with the DHCP bindings table (range 600 – 86400, default 1200):
ip dhcp snooping database update-freq SECONDS
no ip dhcp snooping database update-freq
Clearing DHCP Snooping Bindings Table:
clear ip dhcp snooping database
See also my articles:
Configuring Allied Telesis AT-8000S
Configuring Switchport Protected on Allied Telesis
fine