Allied Telesis AT-8700XL Series, Rapier i Series, AT-8600 Series manual C613-16086-00 REV B

Page 26

The following configuration (thanks to www.thtech.net/article/10) will record Option 82 information in syslog. This part is ignored if no Option 82 information is passed on. The logfile location is configured in syslog.

if exists agent.circuit-id

{

log ( info, concat( "NEW LEASE - IP: ", binary-to-ascii (10, 8, ".", leased-address),

", PORT: ", binary-to-ascii (10, 8, ":", suffix ( option agent.circuit-id, 2)),

", VLAN: ", binary-to-ascii(10, 16, "", substring( option agent.circuit-id, 2, 2)),

", SWITCH: ", binary-to-ascii(16, 8, ":", substring( option agent.remote-id, 2, 6))));

log ( info, concat( "IP ", binary-to-ascii (10, 8, ".", leased-address),

" raw option-82 info is CID: ", binary-to-ascii (10, 8, ".", option agent.circuit-id), "

AID: ",

binary-to-ascii(16, 8, ".", option agent.remote-id)));

USA Headquarters 19800 North Creek Parkway Suite 200 Bothell WA 98011 USA T: +1 800 424 4284 F: +1 425 481 3895

European Headquarters Via Motta 24 6830 Chiasso Switzerland T: +41 91 69769.00 F: +41 91 69769.11

Asia-Pacific Headquarters 11 Tai Seng Link Singapore 534182 T: +65 6383 3832 F: +65 6383 3830

www.alliedtelesis.com

© 2007 Allied Telesis, Inc. All rights reserved. Information in this document is subject to change without notice. Allied Telesis is a trademark or registered trademark of Allied Telesis, Inc. in the United States and other countries.

All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners.

C613-16086-00 REV B

Page 25 Page 26
Image 26
Page 25 Page 26
Contents AlliedWareTM OS IntroductionThis document contains the following contents Dhcp snooping Related How To NotesMinimum configuration Dhcp snooping database time-out Database survival across rebootsDatabase Verifying the status of snooped usersList of terms ARP SecurityStatic binding Trusted and non-trusted portsEnabling Dhcp snooping Completely removing the Dhcp snooping database So the database is emptyDhcp Option Dhcp Message Type = Dhcp Request Protocol detailsExample Packet Configuring Option AnalysisConfiguring filtering Dhcp filteringARP security To enable Dhcp snooping ARP securityDhcp snooping filter show command Resource considerationsExample on a Rapier If ARP security is enabled, addOr if ARP security is enabled, is Configuration examples Configure a private Vlan for customersAdd the untagged ports for the customers Enable Dhcp snooping and Option 82 supportAdd the tagged uplink ports to the Vlan Define the Dhcp snooping trusted portsCreate a traffic class for all upstream flow groups Create a set of QoS classifiersDefine the upstream QoS flow groups Configure two VLANs for layer 3 access to the Dhcp server Add ports to the VLANsFor layer 3 support, enable the Bootp Relay Define the Dhcp snooping trusted portCreate a set of QoS classifiers DHCPSNProcess 0b4333cc Dhcp Snooping pkt for Vlan From port TroubleshootingNo trusted ports configured DHCPSNProcess 0b4333cc TaggedNone UntaggedNoneDhcp client continually sends requests instead of a discover Maximum number of leases is exceededDhcpsnarp 01a6f5ec ARP to be forwarded, sender validated Switch is dropping ARPsManager set dhcpsnooping port=3 maxleases=2 Dhcpsnarp 02680e6c ARP to be forwarded, sender validated Trusted portsShow log command is also very useful Displaying log entriesAppendix 1 ISC Dhcp server C613-16086-00 REV B
Top Page Image Contents