Netgear XCM8806 Chassis Hardware Installation Guide - Page 592
con trusted-ports trust-for dhcp-server
View all Netgear XCM8806 Chassis manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 592 highlights
NETGEAR 8800 Chassis Switch CLI Manual session cannot be established, (such as a failed TACACS+ daemon on the accounting server), failover happens immediately regardless of the configured timeout value. For example, if the timeout value is set for 3 seconds (the default value), it takes 3 seconds to fail over from the primary TACACS+ accounting server to the secondary TACACS+ accounting server. If both the primary and the secondary servers fail or are unavailable, it takes approximately 6 seconds to revert to the local database for authentication. Example The following command configures the timeout interval for TACACS+ accounting authentication to 10 seconds: configure tacacs-accounting timeout 10 configure trusted-ports trust-for dhcp-server configure trusted-ports [|all] trust-for dhcp-server Description Configures one or more trusted DHCP ports. Syntax Description ports all Specifies one or more ports to be configured as trusted ports. Specifies all ports to be configured as trusted ports. Default N/A. Usage Guidelines To configure trusted DHCP ports, you must first enable DHCP snooping on the switch. To enable DHCP snooping, use the following command: enable ip-security dhcp-snooping {vlan} ports [all | ] violation-action [drop-packet {[block-mac | block-port] [duration | permanently] | none]}] {snmp-trap} Trusted ports do not block traffic; rather, the switch forwards any DHCP server packets that appear on trusted ports. Depending on your DHCP snooping configuration, the switch drops packets and can disable the port temporarily, disable the port permanently, blackhole the MAC address temporarily, blackhole the MAC address permanently, and so on. If you configure one or more trusted ports, the switch assumes that all DHCP server packets on the trusted port are valid. 592 | Chapter 15. Security Commands