DHCP relay agent information

DHCP option 82 configuration

When DHCP snooping is enabled on a VLAN, DHCP option 82 also is enabled by default. You do not need to perform any extra configuration steps to enable this feature. To enable DHCP snooping, refer to“Enabling DHCP snooping on a VLAN” on page 286.

When processing DHCP packets, the Brocade ICX 6650 device applies the following default behavior when DHCP option 82 is enabled:

Subjects all ports in the VLAN to DHCP option 82 processing

Uses the general CID packet format

Uses the standard RID packet format

Replaces relay agent information received in DHCP packets with its own information

Does not enable SID processing

When DHCP option 82 is enabled, you can optionally:

Disable DHCP Option 82 processing on individual ports in the VLAN

Configure the device to drop or keep the relay agent information in a DHCP packet instead of replacing it with its own information

Enable SID processing

Disabling and re-enabling DHCP option 82 processing on an individual interface

By default, when DHCP option 82 is enabled on a VLAN, DHCP packets received on all member ports of the VLAN are subject to DHCP option 82 processing. You can optionally disable and later re-enable DHCP option 82 processing on one or more member ports of the VLAN. To do so, use the commands in this section.

To disable a particular port in a VLAN from adding relay agent information to DHCP packets, enter commands such as the following.

Brocade(config)# ip dhcp snooping vlan 1 Brocade(config)# interface ethernet 1/1/4 Brocade(config-if-e1000-1/1/4)# no dhcp snooping relay information

The first CLI command enables DHCP snooping and DHCP option 82 on VLAN 1. The second command changes the CLI configuration level to the Interface configuration level for port e 1/1/4. The last command disables DHCP option 82 on interface e 1/1/4, which is a member of VLAN 1.

To re-enable DHCP option 82 on an interface after it has been disabled, enter the following command at the Interface level of the CLI.

Brocade(config-if-e10000-1/1/4)# dhcp snooping relay information

Syntax: [no] dhcp snooping relay information

Use the show ip dhcp snooping vlan command to view the ports on which DHCP option 82 processing is disabled. For more information, refer to “Viewing the ports on which DHCP option 82 is disabled” on page 293.

Brocade ICX 6650 Security Configuration Guide

291

53-1002601-01

 

Page 311
Image 311
Brocade Communications Systems 6650 manual Dhcp option 82 configuration, Syntax no dhcp snooping relay information