Netgear GS516TP Software Administration Manual - Page 55
Services—DHCP Snooping, DHCP Snooping Global Configuration
View all Netgear GS516TP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 55 highlights
GS516TP Gigabit Smart Switches Services-DHCP Snooping DHCP Snooping is a useful feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted message is a message that is received from outside the network or firewall and that can cause traffic attacks within your network. The DHCP snooping binding table contains the MAC address, IP address, lease time, binding type, VLAN number, and interface information that corresponds to each of the local untrusted interfaces of a switch. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive messages only from within the network. DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. It also provides way to differentiate between untrusted interfaces connected to the end user and trusted interfaces connected to the DHCP server or another switch. From the Services menu, you can access features described in the following sections: • DHCP Snooping Global Configuration • DHCP Snooping Interface Configuration • DHCP Snooping Binding Configuration • DHCP Snooping Persistent Configuration DHCP Snooping Global Configuration To configure DHCP snooping global settings: 1. Select System > Services > DHCP Snooping > Global Configuration. 2. Next to DHCP Snooping Mode, select Enable or Disable to turn the DHCP snooping feature on or off. The factory default is disabled. 3. Next to MAC Address Validation, select Enable or Disable to turn on or off the MAC address validation feature. MAC address validation is enabled by default. 4. Enter the VLAN in the VLAN ID field to enable the DHCP snooping mode. 5. Select Enable or Disable from the DHCP snooping mode list to enable or disable the DHCP snooping feature for entered VLAN. The factory default is disabled. 6. Click APPLY to apply the change to the system. Configuration changes take effect immediately. DHCP Snooping Interface Configuration Use the DHCP Snooping Interface Configuration screen to view and configure each port as a trusted or untrusted port. Any DHCP responses received on a trusted port are forwarded. If a port is configured as untrusted, any DHCP (or BootP) responses received on that port are discarded. 55