Syntax
dhcp-snooping
undo dhcp-snooping
View
System view
Parameter
None
Description
Use the dhcp-snooping command to
enable the DHCP snooping function.
Use the undo dhcp-snooping command
to disable the DHCP snooping function.
By default, the DHCP snooping function is
disabled.
Related command: display dhcp-snooping.
Example
# Enter system view.
<H3C> system-view
System View: return to User View with
Ctrl+Z.
# Enable the DHCP snooping function.
[H3C] dhcp-snooping
Syntax
dhcp-snooping trust
undo dhcp-snooping trust
View
Ethernet port view
Parameter
None
Description
Use the dhcp-snooping trust command
to set an Ethernet port to a trusted port.
Use the undo dhcp-snooping trust
command to restore an Ethernet port to an untrusted port.
DHCP snooping security allow you to set a
port to a trusted port or an untrusted port, so that DHCP clients can obtain IP
addresses from only valid DHCP servers.
l
Trusted ports can be used to connect DHCP
servers or ports of other switches. Untrusted ports can be used to connect DHCP
clients or networks.
l
Trusted ports forward any received DHCP packets
to ensure that DHCP clients can obtain IP addresses from valid DHCP servers. Untrusted
ports discard the DHCP-ACK and DHCP-OFFER responses received from DHCP servers.
By default, all the ports of a switch are untrusted
ports.
Related command: display dhcp-snooping
trust.
Example
# Enter system view.
<H3C> system-view
System View: return to User View with
Ctrl+Z.
# Set the Ethernet1/0/1 port to a trusted
port.
[H3C-Ethernet1/0/1] dhcp-snooping
trust
Syntax
display dhcp-snooping [ unit unit-id ]
View
Any view
Parameter
unit unit-id: Displays the DHCP-snooping information on other devices in fabric
when the switch is in fabric. unit-id indicates the number of the device
whose DHCP-snooping information needs to be viewed.
Description
Use the display dhcp-snooping
command to display the user IP-MAC address mapping entries recorded by the DHCP
snooping function.
Related command: dhcp-snooping.
Example
# Display the user IP-MAC address mapping
entries recorded by the DHCP snooping function.
<H3C>
display dhcp-snooping
DHCP-Snooping is enabled.
The client binding table for all untrusted
ports.
Type : D--Dynamic , S--Static
Unit ID : 1
Type IP Address MAC Address
Lease VLAN Interface
==== =============== ===============
========= ==== =================
--- 0 dhcp-snooping item(s) of unit
1 found ---
Syntax
display dhcp-snooping trust
View
Any view
Parameter
None
Description
Use the display dhcp-snooping trust
command to display the (enabled/disabled) state of the DHCP snooping function
and the trusted ports.
Related command: dhcp-snooping trust.
Example
# Display the state of the DHCP snooping
function and the trusted ports.
<H3C> display dhcp-snooping
trust
DHCP-Snooping is enabled.
DHCP-Snooping trust become
effective.
Interface Trusted
=====================
=================
Ethernet1/0/10 Trusted
The above display information indicates
that the DHCP snooping function is enabled, and the Ethernet1/0/10 port is a
trusted port.
Syntax
debugging dhcp client { all | error | event | packet }
undo debugging
dhcp client { all | error | event | packet }
View
User view
Parameter
all: Enables
all types of debugging for dynamic host configuration protocol (DHCP) or
bootstrap protocol (BOOTP) client.
error:
Enables debugging for DHCP/BOOTP client error messages (including the
information about unidentified packets).
event:
Enables debugging for DHCP/BOOTP client events (including address allocation
and data update).
packet:
Enables debugging for packets received/transmitted by a DHCP/BOOTP client.
Description
Use the debugging dhcp client
command to enable a specified type of debugging for the DHCP/BOOTP client.
Use the undo debugging dhcp client
command to disable debugging output.
By default, debugging for DHCP/BOOTP client
is disabled.
As debugging occupies system resources, disable
debugging if it is not needed.
Example
# Enable debugging for DHCP/BOOTP client
events.
<H3C> debugging dhcp client event
Syntax
debugging dhcp irf xha
undo debugging dhcp irf xha
View
User view
Parameter
None
Description
Use the debugging dhcp irf xha
command to enable the hot backup debugging for the DHCP/BOOTP client.
Use the undo debugging dhcp irf xha
command to disable the hot backup debugging for the DHCP/BOOTP client.
The hot backup debugging for the DHCP/BOOTP
client is disabled by default.
Example
# Enable the hot backup debugging for the
DHCP/BOOTP client.
<H3C> debugging dhcp irf xha
Syntax
display dhcp client [ verbose ]
View
Any view
Parameter
verbose:
Displays the detailed address allocation information.
Description
Use the display dhcp client command
to display the information about the address allocation of DHCP clients.
Example
# Display the information about the address
allocation of DHCP clients.
<H3C> display dhcp client
verbose
DHCP client statistic information:
Vlan-interface1:
Current machine state: BOUND
Allocated IP: 169.254.0.2 255.255.0.0
Allocated lease: 86400 seconds, T1:
43200 seconds, T2: 75600 seconds
Lease from 2002.09.20 01:05:03 to
2002.09.21 01:05:03
Server IP: 169.254.0.1
Transaction ID = 0x3d8a7431
Default router: 2.2.2.2
Next timeout will happen after 0 days
11 hours 56 minutes 1 seconds.
The output information above shows that:
l
The IP address 169.254.0.2/16 is allocated to
VLAN interface1.
l
The current state of the client state machine is
BOUND.
l
The lease period of the address is 86,400
seconds.
l
The value of the renewal timer and rebinding
timer is 43,200 seconds and 75,600 seconds.
l
The lease period dates from 2002.09.20 01:05:03
to 2002.09.21 01:05:03.
l
The IP address of the DHCP server is 169.254.0.1.
l
The IP address of the gateway is 2.2.2.2.
l
Next timeout will happen after 11 hours 56 minutes
1 second.
Table 2-1 Description
on the fields of the display dhcp client command
|
Field
|
Description
|
|
Vlan-interface1
|
VLAN interface operating as a DHCP client
to obtain an IP address dynamically
|
|
Current machine state
|
The state of the client state machine
|
|
Allocated IP
|
IP address allocated to the DHCP client
|
|
lease
|
Lease period
|
|
T1
|
Renewal timer setting
|
|
T2
|
Rebinding timer setting
|
|
Lease from….to….
|
The starting and end time of the lease
period
|
|
Server IP
|
IP address of the DHCP server selected
|
|
Transaction
ID
|
Transaction
ID
|
|
Default
router
|
Gateway
address
|
Syntax
ip address dhcp-alloc
undo ip address dhcp-alloc
View
VLAN interface view
Parameter
None
Description
Use the ip address dhcp-alloc
command to configure a VLAN interface to obtain an IP address through DHCP.
Use the undo ip address dhcp-alloc
command to cancel the configuration.
By default, a VLAN interface does not use
DHCP to obtain an IP address.
Example
# Configure the management VLAN interface
to obtain an IP address through DHCP. (Assume that VLAN 1 is the management
VLAN.)
<H3C> system-view
System View: return to User View with
Ctrl+Z.
[H3C] interface Vlan-interface 1
[H3C-Vlan-interface1] ip address dhcp-alloc
Syntax
display bootp client [ interface Vlan-interface vlan-id ]
View
Any view
Parameter
vlan-id: ID
of the management VLAN interface.
Description
Use the display bootp client command
to display BOOTP client-related information, including the MAC address of the
BOOTP client and the IP address obtained.
Example
# Display the BOOTP client-related
information.
<H3C> display bootp client
interface Vlan-interface 1
Vlan-interface1:
Allocated IP: 169.254.0.2 255.255.0.0
Transaction ID = 0x3d8a7431
Mac Address 00e0-fc0a-c3ef
Table 2-2 Description
on the fields of the display bootp client command
|
Field
|
Description
|
|
Vlan-interface1
|
Management VLAN interface 1 is configured
to obtain an IP address through BOOTP.
|
|
Allocated IP
|
IP address allocated to the VLAN
interface
|
|
Transaction ID
|
Value of the XID field in BOOTP packets
|
|
Mac Address
|
MAC address of the BOOTP client
|
Syntax
ip address bootp-alloc
undo ip address bootp-alloc
View
VLAN interface view
Parameter
None
Description
Use the ip address bootp-alloc
command to configure a VLAN interface to obtain an IP address through BOOTP.
Use the undo ip address bootp-alloc
command to cancel the configuration.
By default, a VLAN interface does not use
BOOTP to obtain an IP address.
Related command: display bootp client.
Example
# Configure the management VLAN interface
to obtain an IP address through BOOTP. (Assume that VLAN 1 is the management
VLAN.)
<H3C> system-view
System View: return to User View with
Ctrl+Z.
[H3C] interface Vlan-interface 1
[H3C-Vlan-interface1] ip address bootp-alloc
