Dell PowerConnect 5548 User Guide - Page 564
DHCP Snooping, DHCP Snooping Overview, How DHCP Snooping Works
View all Dell PowerConnect 5548 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 564 highlights
DHCP Snooping This section describes DHCP snooping. It contains the following topics: • DHCP Snooping Overview • Global Parameters • VLAN Settings • Trusted Interfaces • Snooping Binding Database DHCP Snooping Overview DHCP snooping expands network security by providing layer security between untrusted interfaces and DHCP servers. By enabling DHCP snooping, network administrators can differentiate between trusted interfaces connected to end-users or DHCP Servers, and untrusted interfaces located beyond the network firewall. How DHCP Snooping Works DHCP snooping filters untrusted messages, and stores these messages in a database. Interfaces are untrusted if the packet is received from an interface outside the network, or from an interface beyond the network firewall. Trusted interfaces receive packets only from within the network or the network firewall. The DHCP Snooping Binding database contains the untrusted interfaces' MAC address, IP address, Lease Time, VLAN ID, and interface information. Table 21-1 describes how DHCP packets are handled when DHCP snooping is enabled on an interface. Table 19-1. DHCP Packet Handling when DHCP Snooping is Enabled Packet Type DHCPDISCOVER Arriving from Untrusted Ingress Interface Forward to trusted interfaces only. Arriving from Trusted Ingress Interface Forwarded to trusted interfaces only. 564 Dell PowerConnect 55xx Systems User Guide