Cisco Systems ME3400G2CSA Configuring the DHCP Relay Agent

18-8

Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide

78-17058-01

Chapter18 Configuring DHCP Features and IP Source Guard

Configuring DHCP Features

•Before configuring the DHCP snooping information option on your switch, be sure to configu re the

device that is acting as the DHCP server. For example, you must specify the IP addresses that the

DHCP server can assign or exclude, or you must configure DHCP options for the se d evices.

•Before configuring the DHCP relay agent on your switch, make sure to configure the device that is

acting as the DHCP server. For example, you must specify the I P a ddres ses that the DHCP server

can assign or exclude, configure DHCP options for devices, or set up the DHCP database agent.

•If the DHCP relay agent is enabled but DHCP snooping is disabled, the DHCP option-82 data

insertion feature is not supported.

•If a switch port is connected to a DHCP server, configure a port as trusted by entering the ip dhcp

snooping trust interface configuration command.

•If a switch port is connected to a DHCP client, configure a port as untrusted by entering the no ip

dhcp snooping trust interface configuration command.

•IFollow these guidelines when configuring the DHCP snooping binding database:

–

Because both NVRAM and the flash memory have limited storage capacity, we recommend that

you store the binding file on a TFTP server.

–

You must create an empty file at the configured URL on network-based URLs (such as TFTP

and FTP) before the switch can initially write bindings to the binding file at that URL for the

first time.

–

To ensure that the lease time in the database is accurate, we recomm end that NTP is enab led and

configured. For more information, see the “Configuring NTP” section on page 5-4.

–

If NTP is configured, the switch writes binding changes to the binding file only when the switch

system clock is synchronized with NTP.

•Do not enter the ip dhcp snooping information option allowed-untrusted command on an

aggregation switch to which an untrusted device is connected. If yo u en ter thi s co mma nd , an

untrusted device might spoof the option-82 information.

Configuring the DHCP Relay Agent

Beginning in privileged EXEC mode, follow these steps to enable the DHCP relay agent on the switch:

To disable the DHCP relay agent, use the no service dhcp global configuration command.

See the “Configuring DHCP” section of the “IP Addressing and Services” section of the Cisco IOS IP

Configuration Guide, Release12.2 for these procedure s:

•Checking (validating) the relay agent information

•Configuring the relay agent forwarding policy

Command Purpose

Step1 configure terminal Enter global configuration mode.

Step2 service dhcp Enable the DHCP relay agent on your switch. By default, this feature is

enabled.

Step3 end Return to privileged EXEC mode.

Step4 show running-config Verify your entries.

Step5 copy running-config startup-config (Optional) Save your entries in the configuration file.