Netgear XCM8810 Chassis Hardware Installation Guide - Page 632
Displaying DHCP Snooping Information, Example, Description, Syntax Description, Default
View all Netgear XCM8810 Chassis manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 632 highlights
NETGEAR 8800 Chassis Switch CLI Manual log filters. For more information about EMS, see the EMS commands in Chapter 8, "Commands for Status Monitoring and Statistics." Displaying DHCP Snooping Information To display the DHCP snooping configuration settings, use the following command: show ip-security dhcp-snooping {vlan} To display the DHCP bindings database, use the following command: show ip-security dhcp-snooping entries {vlan} To display any violations that occur, use the following command: show ip-security dhcp-snooping violations {vlan} Example The following command enables DHCP snooping on the switch and has the switch block DHCP packets from port 1:1: enable ip-security dhcp-snooping vlan snoop ports 1:1 violation-action drop-packet block-port enable ip-security source-ip-lockdown ports enable ip-security source-ip-lockdown ports [all | ] Description Enables the source IP lockdown feature on one or more ports. Syntax Description all ports Specifies all ports for which source IP lockdown should be enabled. Specifies one or more ports for which source IP lockdown should be enabled. Default By default, source IP lockdown is disabled on the switch. Usage Guidelines Source IP lockdown prevents IP address spoofing by automatically placing source IP address filters on specified ports. If configured, source IP lockdown allows only traffic from a valid DHCP-assigned address obtained by a DHCP snooping-enabled port or an authenticated static IP address to enter the network. To configure source IP lockdown, you must enable DHCP snooping on the ports connected to the DHCP server and DHCP client before you enable source IP lockdown. You must enable source IP lockdown on the ports connected to the DHCP client, not on the ports connected to the DHCP server. The same DHCP bindings database created when you enable DHCP 632 | Chapter 15. Security Commands