DHCP snooping学习笔记
此配置需要在接入层做,dhcp snooping的作用是将所有接口设置成非信任接口,达到防止dhcp的欺骗
此功能只在接入层部署,同时上联口需要配置为信任接口(dhcp snooping trusted)
1-F-SW2
sysname 1-F-SW2
#
undo info-center enable
#
vlan 8
#全局下开启DHCP
dhcp enable
#全局下开启dhcp snooping
dhcp snooping enable
#针对vlan开启dhcp snooping
vlan 8
dhcp snooping enable
#
interface Ethernet0/0/1
port link-type access
port default vlan 8
#将上连接口配置为信任接口
interface Ethernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 8
dhcp snooping trusted
#
interface Ethernet0/0/4
port link-type access
port default vlan 8
#
return
2-F-SW2
sysname 2-F-SW2
#
undo info-center enable
#
vlan 9
#
dhcp enable
#
dhcp snooping enable
#
vlan 9
dhcp snooping enable
#
interface Ethernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 9
dhcp snooping trusted
#
interface Ethernet0/0/2
port link-type access
port default vlan 9
#
return
文档来源:51CTO技术博客https://blog.51cto.com/u_14122562/3175017
页:
[1]