xStack
®
DES-3200 Series Layer 2 Managed Fast Ethernet Switch CLI Reference Guide
213
Chapter 21
DHCP Server Screening
Command List
config filter dhcp_server [add permit server_ip <ipaddr> ports [<portlist> | all] | delete permit
server_ip <ipaddr> ports [<portlist> | all] | ports [<portlist> | all] state [enable | disable] |
illegal_server_log_suppress_duration [1min | 5min | 30min] | trap_log [enable | disable]]
show filter dhcp_server
21-1 config filter dhcp_server
Description
This command is used to configure DHCP server screening.
With DHCP server screening function, illegal DHCP server packet will be filtered. This command is
used to configure the state of the function for filtering of DHCP server packet and to add/delete the
DHCP server binding entry.
This command is useful for projects that support per port control of the DHCP server screening
function. The filter can be based on the DHCP server IP address.
The command has two purposes: To specify to filter all DHCP server packets on the specific port
and to specify to allow some DHCP server packets with pre-defined server IP addresses. With this
function, we can restrict the DHCP server to service specific DHCP clients. This is useful when two
DHCP servers are present on the network, one of them provides the private IP address, and one
of them provides the IP address.
Enabling filtering of the DHCP server port state will create one access profile and create one
access rule per port (UDP port = 67). Filter commands in this file will share the same access profile.
Addition of a permit DHCP entry will create one access profile and create one access rule. Filtering
commands in this file will share the same access profile.
Format
config filter dhcp_server [add permit server_ip <ipaddr> ports [<portlist> | all] | delete
permit server_ip <ipaddr> ports [<portlist> | all] | ports [<portlist> | all] state [enable |
disable] | illegal_server_log_suppress_duration [1min | 5min | 30min] | trap_log [enable |
disable]]
Parameters
add permit server_ip - Specify to add a DHCP permit server IP address.
<ipaddr> - Enter the DHCP server IP address here.
ports - The port number of filter DHCP server.
<portlist> - Enter the list of ports to be configured here.
all - Specify that all the port will be used for this configuration.
delete permit server_ip - Specify to delete a DHCP permit server IP address.
<ipaddr> - Enter the DHCP server IP address here.
ports - The port number of filter DHCP server.
<portlist> - Enter the list of ports to be configured here.
all - Specify that all the port will be used for this configuration.