Brocade Communications Systems 6910 manual Dynamic Host Configuration Protocol

Dynamic Host Configuration Protocol

Dynamic ARP Inspection Interface configuration table

Dynamic Host Configuration Protocol

Dynamic Host Configuration Protocol (DHCP) snooping enables the device to filter untrusted DHCP packets in a subnet. DHCP snooping can prevent man-in-the-middle (MiM) attacks, such as a malicious user who is posing as a DHCP server and is sending false DHCP server reply packets with the intention of misdirecting other users. It can also stop unauthorized DHCP servers and prevent errors due to misconfiguration of DHCP servers.

SNMP DHCP snooping MIB objects describes how to configure the DHCP snooping feature using SNMP. It consists of the following:

•fdryDhcpSnoopGlobalClearOper: A scalar used to clear all entries in the DHCP binding database

•fdryDhcpSnoopVlanConfigTable: A table that provides the mechanism to control DHCP snooping per VLAN. When a VLAN is created on a device that supports this table, a corresponding entry of this table will be added.

•fdryDhcpSnoopIfConfigTable: A table that provides the mechanism to configure the trust state for DHCP snooping at each physical interface.

•fdryDhcpSnoopBindTable: A table that provides the information for DHCP snooping binding database learned by the device. The DHCP binding database is integrated with the enhanced ARP table. It contains the information of a DHCP entry, such as IP address, MAC address, type, state, port, VLAN ID, and lease time. (To be provided at a later date.)