20-13
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 20 Configuring DHCP Features and IP Source Guard Features
Configuring DHCP Snooping
Enabling the DHCP Snooping Binding Database Agent
Beginning in privileged EXEC mode, follow these steps to enable and configure the DHCP snooping
binding database agent on the switch:
To stop using the database agent and binding files, use the no ip dhcp snooping database global
configuration command. To reset the timeout or delay values, use the ip dhcp snooping database
timeout seconds or the ip dhcp snooping database write-delay seconds global configuration
command.
To clear the statistics of the DHCP snooping binding database agent, use the clear ip dhcp snooping
database statistics privileged EXEC command. To renew the database, use the renew ip dhcp snooping
database privileged EXEC command.
To delete binding entries from the DHCP snooping binding database, use the no ip dhcp snooping
binding mac-address vlan vlan-id ip-address interface interface-id privileged EXEC command. Enter
this command for each entry that you want to delete.
Command Purpose
Step 1 configure terminal Enter global configuration mode.
Step 2 ip dhcp snooping database
{flash[number]:/filename |
ftp://user:password@host/filename |
http://[[username:password]@]{hostna
me | host-ip}[/directory]
/image-name.tar |
rcp://user@host/filename}|
tftp://host/filename
Specify the URL for the database agent or the binding file by using one
of these forms:
flash[number]:/filename
(Optional) Use the number parameter to specify the stack member
number of the stack master. The range for number is 1 to 4.
ftp://user:password@host/filename
http://[[username:password]@]{hostname | host-ip}[/directory]
/image-name.tar
rcp://user@host/filename
tftp://host/filename
Step 3 ip dhcp snooping database timeout
seconds
Specify (in seconds) how long to wait for the database transfer process to
finish before stopping the process.
The default is 300 seconds. The range is 0 to 86400. Use 0 to define an
infinite duration, which means to continue trying the transfer indefinitely.
Step 4 ip dhcp snooping database write-delay
seconds
Specify the duration for which the transfer should be dela yed after the
binding database changes. The range is from 15 to 86400 seconds. The
default is 300 seconds (5 minutes).
Step 5 end Return to privileged EXEC mode.
Step 6 ip dhcp snooping binding mac-address
vlan vlan-id ip-address interface
interface-id expiry seconds
(Optional) Add binding entries to the DHCP snooping binding database.
The vlan-id range is from 1 to 4904. The seconds range is from
1 to 4294967295.
Enter this command for each entry that you add.
Note Use this command when you are testing or debugging the switch .
Step 7 show ip dhcp snooping database
[detail]
Display the status and statistics of the DHCP snooping binding database
agent.
Step 8 copy running-config startup-config (Optional) Save your entries in the configuration file.