DHCP snooping學習筆記

此配置須要在接入層作,dhcp snooping的做用是將全部接口設置成非信任接口,達到防止dhcp的欺騙
此功能只在接入層部署,同時上聯口須要配置爲信任接口(dhcp snooping trusted)

1-F-SW2
sysname 1-F-SW2
#
undo info-center enable
#
vlan 8
#全局下開啓DHCP
dhcp enable
#全局下開啓dhcp snooping
dhcp snooping enable
#針對vlan開啓dhcp snooping
vlan 8
 dhcp snooping enable
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 8
#將上鍊接口配置爲信任接口
interface Ethernet0/0/2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 8
 dhcp snooping trusted 
#
interface Ethernet0/0/4
 port link-type access
 port default vlan 8
#
return
2-F-SW2
sysname 2-F-SW2
#
undo info-center enable
#
vlan 9
#
dhcp enable
#
dhcp snooping enable
#
vlan 9
 dhcp snooping enable
#
interface Ethernet0/0/1
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 9
 dhcp snooping trusted
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 9
#
return
相關文章
相關標籤/搜索