120 Configuring the domain
Table 18
Hub DHCP subnet type (cont’d.)
red Configures the IP address range and options for the red enforcement zone.
See “DHCP Settings menu” (page 117).
Enter the IP address range for the red enforcement zone. Enter the pVIP of
the Nortel SNAS for the DNS address (option 6). It is recommended that you
configure a short lease time (option 51).
yellow Defines the yellow enforcement zone.
See “DHCP Settings menu” (page 117).
Enter the IP address range for the yellow enforcement zone. Enter the IP
address of your corporate remediation server for the DNS address (option
6).
green Defines the green enforcement zone.
See “DHCP Settings menu” (page 117).
Enter the IP address range for the green enforcement zone. Enter the IP
address of your corporate DHCP server for the DNS address (option 6).
ena Enables the subnet.
dis Disables the subnet.
del Deletes the subnet.
Filter DHCP subnet type
The filter DHCP subnet type provides a mechanism for redirecting the
client to the corporate DNS server when the network access points are
NSNA network access devices and Filter only enforcement is used. This
section assumes you are familiar with the information in “Configuring local
DHCP services” (page 115).
Background: When the Nortel SNAS determines that a client can be
moved from the Red enforcement zone, it directs Nortel Health Agent to
initiate an ipconfig release/renew to change the IP address of the client.
There are a number of situations where this Nortel Health Agent action
does not occur (for information, see “Configuring groups” (page 156)). In
these situations, the IP address of the client remains as initially obtained
from the DHCP server and the DNS server for the client continues to be
the Nortel SNAS. The result is that all DNS resolution is handled by the
Nortel SNAS. The filter DHCP subnet type allows you to optomize network
performance by redirecting DNS services from the Nortel SNAS to the
corporate DNS server.
The menu for the filter DHCP subnet type includes:
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007,2008 NortelNetworks
.