04-DHCP Commands
Chapters Download (90.72 KB)
Table of Contents
1 DHCP Client Configuration Commands
DHCP Client Configuration Commands
2 DHCP Snooping Configuration Commands
DHCP Snooping Configuration Commands
dhcp-snooping information circuit-id format-type
dhcp-snooping information circuit-id string
dhcp-snooping information enable
dhcp-snooping information format
dhcp-snooping information remote-id format-type
dhcp-snooping information remote-id string
dhcp-snooping information strategy
display dhcp-snooping information
display dhcp-snooping packet statistics
reset dhcp-snooping packet statistics
3 BOOTP Client Configuration Commands
BOOTP Client Configuration Commands
When multiple VLAN interfaces having the same MAC address use DHCP for IP address acquisition via a relay agent, the DHCP server cannot be the Windows 2000 Server or Windows 2003 Server.
Syntax
display dhcp client [ verbose ] [ interface interface-type interface-number ]
View
Any view
Default Level
1: Monitor level
Parameters
verbose: Specifies verbose DHCP client information to be displayed.
interface interface-type interface-number: Specifies an interface of which to display DHCP client information.
Description
Use the display dhcp client command to display DHCP client information. If no interface interface-type interface-number is specified, DHCP client information of all interfaces will be displayed.
Examples
# Display DHCP client information of all interfaces.
<Sysname> display dhcp client
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
DHCP server: 40.1.1.2
# Display verbose DHCP client information.
<Sysname> display dhcp client verbose
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
Lease from 2005.08.13 15:37:59 to 2005.08.16 15:37:59
DHCP server: 40.1.1.2
Transaction ID: 0x1c09322d
Default router: 40.1.1.2
Classless static route:
Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16
Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16
DNS server: 44.1.1.11
DNS server: 44.1.1.12
Domain name: ddd.com
Boot server: 200.200.200.200 1.1.1.1
Client ID: 3030-3066-2e65-3234-
392e-3830-3438-2d56-
6c61-6e2d-696e-7465-
7266-6163-6531
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.
Table 1-1 display dhcp client command output description
|
Field |
Description |
|
Vlan-interface1 DHCP client information |
Information of the interface acting as the DHCP client |
|
Current machine state |
Current state of the DHCP client, which can be: l HALT: Indicates that the client stops applying for an IP address. l INIT: Indicates the initialization state. l SELECTING: Indicates that the client has sent out a DHCP-DISCOVER message in search of a DHCP server and is waiting for the response from DHCP servers. l REQUESTING: Indicates that the client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from DHCP servers. l BOUND: Indicates that the client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully. l RENEWING: Indicates that the T1 timer expires. l REBOUNDING: Indicates that the T2 timer expires. |
|
Allocated IP |
The IP address allocated by the DHCP server |
|
Allocated lease |
The allocated lease time |
|
T1 |
The 1/2 lease time (in seconds) of the DHCP client IP address |
|
T2 |
The 7/8 lease time (in seconds) of the DHCP client IP address |
|
Lease from….to…. |
The start and end time of the lease. |
|
DHCP Server |
DHCP server IP address that assigned the IP address |
|
Transaction ID |
Transaction ID, a random number chosen by the client to identify an IP address allocation. |
|
Default router |
The gateway address assigned to the client |
|
Classless static route |
Classless static routes assigned to the client |
|
Static route |
Classful static routes assigned to the client |
|
DNS server |
The DNS server address assigned to the client |
|
Domain name |
The domain name suffix assigned to the client |
|
Boot server |
PXE server addresses (up to 16 addresses) specified for the DHCP client, which are obtained through Option 43. |
|
Client ID |
Client ID |
|
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds. |
How long the T1 (1/2 lease time) timer will timeout. |
Syntax
ip address dhcp-alloc [ client-identifier mac interface-type interface-number ]
undo ip address dhcp-alloc
View
Interface view
Default Level
2: System level
Parameters
client-identifier mac interface-type interface-number: Specifies the MAC address of an interface using which as the client ID to obtain an IP address.
Description
Use the ip address dhcp-alloc command to configure an interface to use DHCP for IP address acquisition.
Use the undo ip address dhcp-alloc command to cancel an interface from using DHCP.
By default, an interface does not use DHCP for IP address acquisition.
Note that:
l If no parameter is specified, the client uses a character string comprised of the current interface name and MAC address as its ID for address acquisition.
l The DHCP client sends a DHCP-RELEASE message for releasing the IP address obtained via DHCP, if the interface of the client is down, the message cannot be sent.
Examples
# Configure VLAN-interface 1 to use DHCP for IP address acquisition.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address dhcp-alloc
The DHCP snooping enabled device does not work if it is between the DHCP relay agent and DHCP server, and it can work when it is between the DHCP client and relay agent or between the DHCP client and server.
Syntax
dhcp-snooping
undo dhcp-snooping
View
System view
Default Level
2: System level
Parameters
None
Description
Use the dhcp-snooping command to enable DHCP snooping.
Use the undo dhcp-snooping command to disable DHCP snooping.
With DHCP snooping disabled, all ports can forward responses from any DHCP servers and does not record binding information about MAC addresses of DHCP clients and the obtained IP addresses.
By default, DHCP snooping is disabled.
Related commands: display dhcp-snooping.
Examples
# Enable DHCP snooping.
<Sysname> system-view
[Sysname] dhcp-snooping
Syntax
dhcp-snooping information circuit-id format-type { ascii | hex }
undo dhcp-snooping information circuit-id format-type
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Description
Use the dhcp-snooping information circuit-id format-type command to configure the code type for the non-user-defined circuit ID sub-option.
Use the undo dhcp-snooping information circuit-id format-type command to restore the default.
By default, the code type for the circuit ID sub-option depends on the padding format of Option 82. Each field has its own code type.
Note that:
This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option using the dhcp-snooping information circuit-id string command, ASCII is adopted as the code type.
Related commands: display dhcp-snooping information.
Examples
# Configure the padding format for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface GigabitEthernet1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information circuit-id format-type ascii
Syntax
dhcp-snooping information [ vlan vlan-id ] circuit-id string circuit-id
undo dhcp-snooping information [ vlan vlan-id ] circuit-id string
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.
circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Description
Use the dhcp-snooping information circuit-id string command to configure the padding content for the user-defined circuit ID sub-option.
Use the undo dhcp-snooping information circuit-id string command to restore the default.
By default, the padding content for the circuit ID sub-option depends on the padding format of Option 82.
Note that:
l After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.
l If a VLAN is specified, the configured circuit ID sub-option only takes effect within the VLAN; if no VLAN is specified, the configured circuit ID sub-option takes effect in all VLANs. The former case has a higher priority; that is, the circuit ID sub-option specified for a VLAN will be padded for packets within the VLAN.
Related commands: dhcp-snooping information format, display dhcp-snooping information.
Examples
# Configure the global padding content for the user-defined circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information circuit-id string company001
Syntax
dhcp-snooping information enable
undo dhcp-snooping information enable
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
None
Description
Use the dhcp-snooping information enable command to configure DHCP snooping to support Option 82.
Use the undo dhcp-snooping information enable command to disable this function.
By default, DHCP snooping does not support Option 82.
Related commands: display dhcp-snooping information.
Examples
# Configure DHCP snooping to support Option 82.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
Syntax
dhcp-snooping information format { normal | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp-snooping information format [ verbose node-identifier ]
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
normal: Specifies the normal padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.
l mac indicates using MAC address as the node identifier.
l sysname indicates using the device name of a node as the node identifier.
l user-defined node-identifier indicates using a specified character string as the node identifier, in which node-identifier is a string of 1 to 50 characters.
Description
Use the dhcp-snooping information format command to specify the padding format for Option 82.
Use the undo dhcp-snooping information format command to restore the default.
By default, the padding format for Option 82 is normal.
Note that when you use the undo dhcp-snooping information format command, if the verbose node-identifier argument is not specified, the padding format will be restored to normal; if the verbose node-identifier argument is specified, the padding format will be restored to verbose with MAC address as the node identifier.
Related commands: display dhcp-snooping information.
Examples
# Specify the padding format as verbose for Option 82.
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information strategy replace
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information format verbose
Syntax
dhcp-snooping information remote-id format-type { ascii | hex }
undo dhcp-snooping information remote-id format-type
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Description
Use the dhcp-snooping information remote-id format-type command to configure the code type for the non-user-defined remote ID sub-option.
Use the undo dhcp-snooping information remote-id format-type command to restore the default.
By default, the code type for the remote ID sub-option is HEX.
Note that:
This command applies to configuring a non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option using the dhcp-snooping information remote-id string command, ASCII is adopted as the code type.
Related commands: display dhcp-snooping information.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information remote-id format-type ascii
Syntax
dhcp-snooping information [ vlan vlan-id ] remote-id string { remote-id | sysname }
undo dhcp-snooping information [ vlan vlan-id ] remote-id string
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.
remote-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Description
Use the dhcp-snooping information remote-id string command to configure the padding content for the user-defined remote ID sub-option.
Use the undo dhcp-snooping information remote-id string command to restore the default.
By default, the padding content for the remote ID sub-option depends on the padding format of Option 82.
Note that:
l After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.
l If a VLAN is specified, the configured remote ID sub-option only takes effect within the VLAN; if no VLAN is specified, the configured remote ID sub-option takes effect in all VLANs. The former case has a higher priority; that is, the remote ID sub-option configured for a VLAN will be padded for the packets within the VLAN.
If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string “Sysname” command.
Related commands: dhcp-snooping information format, display dhcp-snooping information.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information remote-id string device001
Syntax
dhcp-snooping information strategy { drop | keep | replace }
undo dhcp-snooping information strategy
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
drop: Drops the requesting message containing Option 82.
keep: Forwards the requesting message containing Option 82 without changing Option 82.
replace: Forwards the requesting message containing Option 82 after replacing the original Option 82 with the one padded in specified format.
Description
Use the dhcp-snooping information strategy command to configure the handling strategy for Option 82 in requesting messages.
Use the undo dhcp-snooping information strategy command to restore the default.
By default, the handling strategy for Option 82 in requesting messages is replace.
Related commands: display dhcp-snooping information.
Examples
# Configure the handling strategy for Option 82 in requesting messages as keep.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information strategy keep
Syntax
dhcp-snooping trust [ no-user-binding ]
undo dhcp-snooping trust
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
no-user-binding: Specifies the port not to record the clients’ IP-to-MAC bindings in DHCP requests it receives. The command without this keyword records the IP-to-MAC bindings of clients.
Description
Use the dhcp-snooping trust command to configure a port as a trusted port.
Use the undo dhcp-snooping trust command to restore the default state of a port.
All ports are untrusted by default.
After enabling DHCP snooping, you need to specify the ports connected to the valid DHCP servers as trusted to ensure that DHCP clients can obtain valid IP addresses.
Related commands: display dhcp-snooping trust.
Examples
# Specify GigabitEthernet1/0/1 as a trusted port and enable it to record the IP-to-MAC bindings of clients.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping trust
Syntax
display dhcp-snooping [ ip ip-address ]
View
Any view
Default Level
1: Monitor level
Parameters
ip ip-address: Displays the DHCP snooping entries corresponding to the specified IP address.
Description
Use the display dhcp-snooping command to display DHCP snooping entries.
Only the DHCP snooping entries containing IP-to-MAC bindings that are present both in the DHCP-ACK and DHCP-REQUEST messages are displayed by using the display dhcp-snooping command.
Related commands: dhcp-snooping, reset dhcp-snooping.
Examples
# Display all DHCP snooping entries.
<Sysname> display dhcp-snooping
DHCP Snooping is enabled.
The client binding table for all untrusted ports.
Type : D--Dynamic , S--Static
Type IP Address MAC Address Lease VLAN Interface
==== =============== =============== ========== ==== =================
D 10.1.1.1 00e0-fc00-0006 286 1 GigabitEthernet1/0/1
--- 1 dhcp-snooping item(s) found ---
Table 2-1 display dhcp snooping command output description
|
Field |
Description |
|
Type |
Binding type, which can be: l D: Dynamic IP-to-MAC binding. l S: Static IP-to-MAC binding. Currently, static IP-to-MAC bindings are not supported. |
|
IP Address |
IP address assigned to the DHCP client |
|
MAC Address |
MAC address of the DHCP client |
|
Lease |
Lease period left (in seconds) |
|
VLAN |
VLAN where the port connecting the DHCP client resides |
|
Interface |
Port to which the DHCP client is connected |
Syntax
display dhcp-snooping information { all | interface interface-type interface-number }
View
Any view
Default Level
1: Monitor level
Parameters
all: Displays the Option 82 configuration information of all Layer 2 Ethernet interfaces.
interface interface-type interface-number: Displays the Option 82 configuration information of a specified interface.
Description
Use the display dhcp-snooping information command to display Option 82 configuration information on the DHCP snooping device.
Examples
# Display the Option 82 configuration information of all interfaces.
<Sysname> display dhcp-snooping information all
Interface: GigabitEthernet1/0/1
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: aabbcc
User defined:
Circuit ID: company001
Interface: GigabitEthernet1/0/2
Status: Disable
Strategy: Keep
Format: Normal
Circuit ID format-type: HEX
Remote ID format-type: ASCII
User defined:
Circuit ID: company001
Remote ID: device001
VLAN 10:
Circuit ID: vlan10@company001
VLAN 20:
Remote ID: device001
Syntax
display dhcp-snooping packet statistics
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display dhcp-snooping packet statistics command to display DHCP packet statistics on the DHCP snooping device.
Related commands: reset dhcp-snooping packet statistics.
Examples
# Display DHCP packet statistics on the DHCP snooping device.
<Sysname> display dhcp-snooping packet statistics
DHCP packets received : 100
DHCP packets sent : 200
Packets dropped due to rate limitation : 20
Dropped invalid packets : 0
Syntax
display dhcp-snooping trust
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display dhcp-snooping trust command to display information about trusted ports.
Related commands: dhcp-snooping trust.
Examples
# Display information about trusted ports.
<Sysname> display dhcp-snooping trust
DHCP Snooping is enabled.
DHCP Snooping trust becomes active.
Interface Trusted
========================= ============
GigabitEthernet1/0/1 Trusted
The above output shows that DHCP snooping is enabled, DHCP snooping trust is active, and port GigabitEthernet1/0/1 is trusted.
Syntax
reset dhcp-snooping { all | ip ip-address }
View
User view
Default Level
1: Monitor level
Parameters
all: Clears all DHCP snooping entries.
ip ip-address: Clears the DHCP snooping entries of the specified IP address.
Description
Use the reset dhcp-snooping command to clear DHCP snooping entries.
Related commands: display dhcp-snooping.
Examples
# Clear all DHCP snooping entries.
<Sysname> reset dhcp-snooping all
Syntax
reset dhcp-snooping packet statistics
View
User view
Default Level
2: System level
Parameters
None
Description
Use the reset dhcp-snooping packet statistics command to clear DHCP packet statistics on the DHCP snooping device.
Related commands: display dhcp-snooping packet statistics.
Examples
# Clear DHCP packet statistics on the DHCP snooping device.
<Sysname> reset dhcp-snooping packet statistics
If several VLAN interfaces sharing the same MAC address obtain IP addresses through a BOOTP relay agent, the BOOTP server cannot be a Windows 2000 Server or Windows 2003 Server.
Syntax
display bootp client [ interface interface-type interface-number ]
View
Any view
Default Level
1: Monitor level
Parameters
interface interface-type interface-number: Displays the BOOTP client information of the interface.
Description
Use the display bootp client command to display related information about a BOOTP client.
Note:
l If interface interface-type interface-number is not specified, the command will display information about BOOTP clients on all interfaces.
l If interface interface-type interface-number is specified, the command will display information about the BOOTP client on the specified interface.
Examples
# Display related information of the BOOTP client on VLAN-interface 1.
<Sysname> display bootp client interface vlan-interface 1
Vlan-interface1 BOOTP client information:
Allocated IP: 169.254.0.2 255.255.0.0
Transaction ID = 0x3d8a7431
Mac Address 00e0-fc0a-c3ef
Table 3-1 display bootp client command output description
|
Field |
Description |
|
Vlan-interface1 BOOTP client information |
Information of the interface serving as a BOOTP client |
|
Allocated IP |
BOOTP client’s IP address allocated by the BOOTP server |
|
Transaction ID |
Value of the XID field in a BOOTP message, namely, a random number chosen while the BOOTP client sends a BOOTP request to the BOOTP server. It is used to match a response message from the BOOTP server. If the values of the XID field are different in the BOOTP response and request, the BOOTP client will drop the BOOTP response. |
|
Mac Address |
MAC address of a BOOTP client |
Syntax
ip address bootp-alloc
undo ip address bootp-alloc
View
Interface view
Default Level
2: System level
Parameters
None
Description
Use the ip address bootp-alloc command to enable an interface to obtain an IP address through BOOTP.
Use the undo ip address bootp-alloc command to disable the interface from obtaining an IP address through BOOTP.
By default, an interface does not obtain an IP address through BOOTP.
Related commands: display bootp client.
Examples
# Configure VLAN-interface 1 to obtain IP address through BOOTP protocol.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address bootp-alloc
