Login
| Title | Size | Downloads |
|---|---|---|
| H3C S5120-SI Series Ethernet Switches Command Reference-Release 1101-6W105-DHCP Commands.pdf | 159.89 KB |
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 14-DHCP Commands | 159.89 KB |
Table of Contents
1 DHCP Relay Agent Configuration Commands
DHCP Relay Agent Configuration Commands
dhcp relay information circuit-id format-type
dhcp relay information circuit-id string
dhcp relay information remote-id format-type
dhcp relay information remote-id string
dhcp relay information strategy
dhcp relay security refresh enable
display dhcp relay information
display dhcp relay security statistics
display dhcp relay security tracker
display dhcp relay server-group
2 DHCP Client Configuration Commands
DHCP Client Configuration Commands
3 DHCP Snooping Configuration Commands
DHCP Snooping Configuration Commands
dhcp-snooping information circuit-id format-type
dhcp-snooping information circuit-id string
dhcp-snooping information enable
dhcp-snooping information format
dhcp-snooping information remote-id format-type
dhcp-snooping information remote-id string
dhcp-snooping information strategy
display dhcp-snooping information
display dhcp-snooping packet statistics
reset dhcp-snooping packet statistics
4 BOOTP Client Configuration Commands
BOOTP Client Configuration Commands
DHCP Relay Agent Configuration Commands
dhcp relay address-check
Syntax
dhcp relay address-check { disable | enable }
View
Interface view
Default Level
2: System level
Parameters
disable: Disables IP address match check on the relay agent.
enable: Enables IP address match check on the relay agent.
Description
Use the dhcp relay address-check enable command to enable IP address match check on the relay agent.
Use the dhcp relay address-check disable command to disable IP address match check on the relay agent.
By default, the function is disabled.
If a requesting client’s IP and MAC addresses do not match any binding (both dynamic and static bindings) on the DHCP relay agent, the client cannot access external networks via the DHCP relay agent.
Note that,The dhcp relay address-check enable command only checks IP and MAC addresses of clients.
Examples
# Enable IP address match check on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay address-check enable
dhcp relay information circuit-id format-type
Syntax
dhcp relay information circuit-id format-type { ascii | hex }
undo dhcp relay information circuit-id format-type
View
Interface view
Default Level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Description
Use the dhcp relay information circuit-id format-type command to configure the code type for the non-user-defined circuit ID sub-option.
Use the undo dhcp relay information circuit-id format-type command to restore the default.
By default, the code type for the circuit ID sub-option depends on the specified padding format of Option 82. Each field has its own code type.
Note that:
This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option using the dhcp relay information circuit-id string command, ASCII is adopted as the code type.
Related commands: display dhcp relay information.
Examples
# Configure the code type for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information circuit-id format-type ascii
dhcp relay information circuit-id string
Syntax
dhcp relay information circuit-id string circuit-id
undo dhcp relay information circuit-id string
View
Interface view
Default Level
2: System level
Parameters
circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Description
Use the dhcp relay information circuit-id string command to configure the padding content for the user-defined circuit ID sub-option.
Use the undo dhcp relay information circuit-id string command to restore the default.
By default, the padding content for the circuit ID sub-option depends on the padding format of Option 82.
Note that:
After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.
Related commands: dhcp relay information format, display dhcp relay information.
Examples
# Configure the padding content for the circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information circuit-id string company001
dhcp relay information enable
Syntax
dhcp relay information enable
undo dhcp relay information enable
View
Interface view
Default Level
2: System level
Parameters
None
Description
Use the dhcp relay information enable command to enable the relay agent to support Option 82.
Use the undo dhcp relay information enable command to disable Option 82 support.
By default, Option 82 support is disabled on DHCP relay agent.
Related commands: display dhcp relay information.
Examples
# Enable Option 82 support on the relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information enable
dhcp relay information format
Syntax
dhcp relay information format { normal | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp relay information format [ verbose node-identifier ]
View
Interface view
Default Level
2: System level
Parameters
normal: Specifies the normal padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.
l mac indicates using MAC address as the node identifier.
l sysname indicates using the device name of a node as the node identifier.
l user-defined node-identifier indicates using a specified character string as the node identifier, in which node-identifier is a string with 1 to 50 characters.
Description
Use the dhcp relay information format command to specify a padding format for Option 82.
Use the undo dhcp relay information format command to restore the default padding format.
The Option 82 padding format defaults to normal.
l Using the undo dhcp relay information format command without the keyword verbose node-identifier restores the default normal padding format, or with the keyword verbose node-identifier restores the mac mode of the verbose padding format.
l If configuring the handling strategy of the DHCP relay agent as replace, you need to configure a padding format of Option 82. If the handling strategy is keep or drop, you need not configure any padding format.
l If sub-option 1 (node identifier) of Option 82 is padded with the device name (sysname) of a node, the device name must contain no spaces. Otherwise, the DHCP relay agent will drop the message.
Related commands: display dhcp relay information.
Examples
# Specify the verbose padding format for Option 82.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information enable
[Sysname-Vlan-interface1] dhcp relay information strategy replace
[Sysname-Vlan-interface1] dhcp relay information format verbose
dhcp relay information remote-id format-type
Syntax
dhcp relay information remote-id format-type { ascii | hex }
undo dhcp relay information remote-id format-type
View
Interface view
Default Level
2: System view
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Description
Use the dhcp relay information remote-id format-type command to configure the code type for the non-user-defined remote ID sub-option.
Use the undo dhcp relay information remote-id format-type command to restore the default.
By default, the code type for the remote ID sub-option is HEX.
Note that:
This command applies to configuring the non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option using the dhcp relay information remote-id string command, ASCII is adopted as the code type.
Related commands: display dhcp relay information.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information remote-id format-type ascii
dhcp relay information remote-id string
Syntax
dhcp relay information remote-id string { remote-id | sysname }
undo dhcp relay information remote-id string
View
Interface view
Default Level
2: System level
Parameters
remote-id: Padding content for the user-defined remote ID sub-option, a case sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Description
Use the dhcp relay information remote-id string command to configure the padding content for the user-defined remote ID sub-option.
Use the undo dhcp relay information remote-id string command to restore the default.
By default, the padding content for the remote ID sub-option depends on the padding format of Option 82.
Note that: After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.
If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string “Sysname” command.
Related commands: dhcp relay information format, display dhcp relay information.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information remote-id string device001
dhcp relay information strategy
Syntax
dhcp relay information strategy { drop | keep | replace }
undo dhcp relay information strategy
View
Interface view
Default Level
2: System level
Parameters
drop: Specifies to drop messages containing Option 82.
keep: Specifies to forward messages containing Option 82 without any change.
replace: Specifies to forward messages containing Option 82 after replacing the original Option 82 with the Option 82 padded in the specified padding format.
Description
Use the dhcp relay information strategy command to configure DHCP relay agent handling strategy for messages containing Option 82.
Use the undo dhcp relay information strategy command to restore the default handling strategy.
The handling strategy for messages containing Option 82 defaults to replace.
Related commands: display dhcp relay information.
Examples
# Configure the DHCP relay agent handling strategy for messages containing Option 82 as keep.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information enable
[Sysname-Vlan-interface1] dhcp relay information strategy keep
dhcp relay release ip
Syntax
dhcp relay release ip client-ip
View
System view
Default Level
2: System level
Parameters
client-ip: DHCP client IP address.
Description
Use the dhcp relay release ip command to request the DHCP server to release a specified client IP address.
Examples
# Request the DHCP server to release the IP address 1.1.1.1.
<Sysname> system-view
[Sysname] dhcp relay release ip 1.1.1.1
dhcp relay security static
Syntax
dhcp relay security static ip-address mac-address [ interface interface-type interface-number ]
undo dhcp relay security { ip-address | all | dynamic | interface interface-type interface-number | static }
View
System view
Default Level
2: System level
Parameters
ip-address: Client IP address for creating a static binding.
mac-address: Client MAC address for creating a static binding, in the format H-H-H.
interface interface-type interface-number: Specifies a Layer 3 interface connecting to the DHCP client. interface-type interface-number specifies the interface type and interface number.
all: Specifies all client entries to be removed.
dynamic: Specifies dynamic client entries to be removed.
static: Specifies manual client entries to be removed.
Description
Use the dhcp relay security static command to configure a static client entry, that is, the binding between IP address, MAC address, and Layer 3 interface on the relay agent.
Use the undo dhcp relay security command to remove specified client entries from the relay agent.
No manual client entry is configured on the DHCP relay agent by default.
Note that:
l When using the dhcp relay security static command to bind an interface to a static client entry, make sure that the interface is configured as a DHCP relay agent; otherwise, entry conflicts may occur.
l The undo dhcp relay security interface command is used to remove all the dynamic client entries from the interface.
Related commands: display dhcp relay security.
Examples
# Bind DHCP relay interface VLAN-interface 2 to IP address 10.10.1.1 and MAC address 0005-5d02-f2b3 of the client.
<Sysname> system-view
[Sysname] dhcp relay security static 10.10.1.1 0005-5d02-f2b3 interface vlan-interface 2
dhcp relay security refresh enable
Syntax
dhcp relay security refresh enable
undo dhcp relay security refresh enable
View
System view
Default Level
2: System level
Parameters
None
Description
Use the dhcp relay security refresh enable command to enable the DHCP relay agent to periodically refresh dynamic client entries.
Use the undo dhcp relay security refresh enable command to disable periodic refresh of dynamic client entries.
By default, the DHCP relay agent is enabled to periodically refresh dynamic client entries.
Note that:
If you disable the DHCP relay agent from periodically refreshing dynamic client entries, such entries do not age automatically. Therefore, if a client relinquishes its IP address, you need to manually remove the corresponding dynamic client entry on the DHCP relay agent.
Related commands: dhcp relay security tracker and dhcp relay security static.
Examples
# Disable the DHCP relay agent from periodically refreshing dynamic client entries.
<Sysname> system-view
[Sysname] undo dhcp relay security refresh enable
dhcp relay security tracker
Syntax
dhcp relay security tracker { interval | auto }
undo dhcp relay security tracker [ interval ]
View
System view
Default Level
2: System level
Parameters
interval: Refreshing interval in seconds, in the range of 1 to 120.
auto: Specifies the auto refreshing interval, which is the value of 60 seconds divided by the number of binding entries. Thus, the more entries are, the shorter interval is, but the shortest interval is no less than 500 ms.
Description
Use the dhcp relay security tracker command to set a refreshing interval at which the relay agent contacts the DHCP server for refreshing dynamic bindings.
Use the undo dhcp relay security tracker command to restore the default interval.
The default refreshing interval is auto, the value of 60 seconds divided by the number of binding entries.
Related commands: display dhcp relay security tracker.
Examples
# Set the refreshing interval as 100 seconds.
<Sysname> system-view
[Sysname] dhcp relay security tracker 100
dhcp relay server-detect
Syntax
dhcp relay server-detect
undo dhcp relay server-detect
View
System view
Default Level
2: System level
Parameters
None
Description
Use the dhcp relay server-detect command to enable unauthorized DHCP server detection.
Use the undo dhcp relay server-detect command to disable unauthorized DHCP server detection.
By default, unauthorized DHCP server detection is disabled.
With this function enabled, upon receiving a DHCP request, the DHCP relay agent will record the IP addresses of all DHCP servers which ever offered IP addresses to the DHCP client and the receiving interface. Each server detected is recorded only once. The administrator can get this information from logs to check out unauthorized DHCP servers.
After the information of recorded DHCP servers is cleared, the relay agent will re-record server information following this mechanism.
Examples
# Enable unauthorized DHCP server detection.
<Sysname> system-view
[Sysname] dhcp relay server-detect
dhcp relay server-group
Syntax
dhcp relay server-group group-id ip ip-address
undo dhcp relay server-group group-id [ ip ip-address ]
View
System view
Default Level
2: System level
Parameters
group-id: DHCP server group number, in the range of 0 to 19.
ip ip-address: DHCP server IP address.
Description
Use the dhcp relay server-group command to specify a DHCP server for a DHCP server group.
Use the undo dhcp relay server-group command to remove a DHCP server from a DHCP server group, if no ip ip-address is specified, all servers in the DHCP server group and the server group itself will be removed.
By default, no DHCP server is specified for a DHCP server group.
Note that:
l The IP address of any DHCP server and any interface’s IP address of the DHCP relay agent cannot be in the same network segment. Otherwise, the client may fail to obtain an IP address.
l If a server group has been correlated to multiple interfaces, you need to cancel these correlations before removing the server group.
Related commands: display dhcp relay server-group.
Examples
# Specify DHCP server 1.1.1.1 for DHCP server group 1 on the relay agent.
<Sysname> system-view
[Sysname] dhcp relay server-group 1 ip 1.1.1.1
dhcp relay server-select
Syntax
dhcp relay server-select group-id
undo dhcp relay server-select
View
Interface view
Default Level
2: System level
Parameters
group-id: DHCP server group number to be correlated, in the range of 0 to 19.
Description
Use the dhcp relay server-select command to correlate specified interface(s) to a specified DHCP server group.
Use the undo dhcp relay server-select command to remove a configured correlation.
By default, no DHCP server group is correlated with an interface on the relay agent.
Note that:
l A DHCP server group can correlate with one or multiple DHCP relay agent interfaces.
l A relay agent interface can only correlate with one DHCP server group, and a newly configured correlation overwrites the previous one. If the server group in the new correlation does not exist, the new configuration will not work. The interface still maintains the previous correlation.
l The DHCP server group referenced in this command should have been configured by using the dhcp relay server-group command.
Related commands: dhcp relay server-group, display dhcp relay.
Examples
# Correlate VLAN-interface 1 to DHCP server group 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay server-select 1
dhcp select relay
Syntax
dhcp select relay
undo dhcp select relay
View
Interface view
Default Level
2: System level
Parameters
None
Description
Use the dhcp select relay command to enable the relay agent on the current interface. Upon receiving requests from an enabled interface, the relay agent will forward these requests to outside DHCP servers for IP address allocation.
Use the undo dhcp select relay command to restore the default.
After DHCP is enabled, the DHCP server is enabled on an interface by default. That is, upon receiving a client’s request from the interface, the DHCP server allocates an IP address from the DHCP address pool to the client.
When the working mode of the interface is changed from DHCP server to DHCP relay agent, neither the IP address leases nor the authorized ARP entries will be deleted. However, these ARP entries may conflict with new ARP entries generated on the DHCP relay agent; therefore, you are recommended to delete the existing IP address leases when changing the interface working mode to DHCP relay agent.
Examples
# Enable the DHCP relay agent on VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp select relay
display dhcp relay
Syntax
display dhcp relay { all | interface interface-type interface-number }
View
Any view
Default Level
1: Monitor level
Parameters
all: Displays information of DHCP server groups that all interfaces correspond to.
interface interface-type interface-number: Displays information of the DHCP server group that a specified interface corresponds to.
Description
Use the display dhcp relay command to display information about DHCP server groups correlated to an interface or all interfaces.
Examples
# Display information about DHCP server groups correlated to all interfaces.
<Sysname> display dhcp relay all
Interface name Server-group
Vlan-interface 1 2
Table 1-1 display dhcp relay all command output description
|
Field |
Description |
|
Server-group |
DHCP server group number correlated to the interface. |
display dhcp relay information
Syntax
display dhcp relay information { all | interface interface-type interface-number }
View
Any view
Default Level
1: Monitor level
Parameters
all: Displays the Option 82 configuration information of all interfaces.
interface interface-type interface-number: Displays the Option 82 configuration information of a specified interface.
Description
Use the display dhcp relay information command to display Option 82 configuration information on the DHCP relay agent.
Examples
# Display the Option 82 configuration information of all interfaces.
<Sysname> display dhcp relay information all
Interface: Vlan-interface100
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: abaci
User defined:
Circuit ID: company001
Interface: Vlan-interface200
Status: Enable
Strategy: Keep
Format: Normal
Circuit ID format-type: HEX
Remote ID format-type: ASCII
User defined:
Remote ID: device001
Table 1-2 display dhcp relay information all command output description
|
Field |
Description |
|
Interface |
Interface name |
|
Status |
Option 82 state, which can be Enable or Disable. |
|
Strategy |
Handling strategy for requesting messages containing Option 82, which can be Drop, Keep, or Replace. |
|
Format |
Padding format of Option 82, which can be Normal or Verbose. |
|
Circuit ID format-type |
Non-user-defined code type of the circuit ID sub-option, which can be ASCII or HEX. |
|
Remote ID format-type |
Non-user-defined code type of the remote ID sub-option, which can be ASCII or HEX. |
|
Node identifier |
Access node identifier |
|
User defined |
Content of user-defined sub-options |
|
Circuit ID |
User-defined padding content of the circuit ID sub-option |
|
Remote ID |
User-defined padding content of the remote ID sub-option |
display dhcp relay security
display dhcp relay security [ ip-address | dynamic | static ]
View
Any view
Default Level
1: Monitor level
Parameters
ip-address: Displays the binding information of an IP address.
dynamic: Displays information about dynamic bindings.
static: Displays information about static bindings.
Description
Use the display dhcp relay security command to display information about bindings of DHCP relay agents. If no parameter is specified, information about all bindings will be displayed.
Examples
# Display information about all bindings.
<Sysname> display dhcp relay security
IP Address MAC Address Type Interface
10.1.1.1 00e0-0000-0001 Static Vlan1
10.1.1.5 00e0-0000-0000 Static Vlan2
--- 2 dhcp-security item(s) found ---
Table 1-3 display dhcp relay security command output description
|
Field |
Description |
|
IP Address |
Client IP address |
|
MAC Address |
Client MAC address |
|
Type |
Type of binding, including dynamic, static, and temporary. |
|
Interface |
Layer 3 interface connecting to the DHCP client. If no interface is recorded in the binding entry, “N/A” is displayed. |
display dhcp relay security statistics
Syntax
display dhcp relay security statistics
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display dhcp relay security statistics command to display statistics information about bindings of DHCP relay agents.
Examples
# Display statistics about bindings of DHCP relay agents.
<Sysname> display dhcp relay security statistics
Static Items :1
Dynamic Items :0
Temporary Items :0
All Items :1
Table 1-4 display dhcp relay security statistics command output description
|
Field |
Description |
|
Static Items |
Static binding items |
|
Dynamic Items |
Dynamic binding items |
|
Temporary Items |
Temporary binding items |
|
All Items |
All binding items |
display dhcp relay security tracker
Syntax
display dhcp relay security tracker
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display dhcp relay security tracker command to display the interval for refreshing dynamic bindings on the relay agent.
Examples
# Display the interval for refreshing dynamic bindings on the relay agent.
<Sysname> display dhcp relay security tracker
Current tracker interval : 10s
The interval is 10 seconds.
display dhcp relay server-group
Syntax
display dhcp relay server-group { group-id | all }
View
Any view
Default Level
1: Monitor level
Parameters
group-id: Displays the information of the specified DHCP server group numbered from 0 to 19.
all: Displays the information of all DHCP server groups.
Description
Use the display dhcp relay server-group command to display the configuration information of a specified or all DHCP server groups.
Examples
# Display IP addresses of DHCP servers in DHCP server group 1.
<Sysname> display dhcp relay server-group 1
No. Group IP
1 1.1.1.1
2 1.1.1.2
Table 1-5 display dhcp relay server-group command output description
|
Field |
Description |
|
No. |
Sequence number |
|
Group IP |
IP address in the server group |
display dhcp relay statistics
Syntax
display dhcp relay statistics [ server-group { group-id | all } ]
View
Any view
Default Level
1: Monitor level
Parameters
group-id: Specifies a server group number in the range of 0 to 19 about which to display DHCP packet statistics.
all: Specifies all server groups about which to display DHCP packet statistics. Information for each group will be displayed.
Description
Use the display dhcp relay statistics command to display DHCP packet statistics related to a specified or all DHCP server groups.
Note that if no parameter (server-group and all) is specified, all DHCP packet statistics on the relay agent will be displayed.
Related commands: reset dhcp relay statistics.
Examples
# Display all DHCP packet statistics on the relay agent.
<Sysname> display dhcp relay statistics
Bad packets received: 0
DHCP packets received from clients: 0
DHCPDISCOVER packets received: 0
DHCPREQUEST packets received: 0
DHCPINFORM packets received: 0
DHCPRELEASE packets received: 0
DHCPDECLINE packets received: 0
BOOTPREQUEST packets received: 0
DHCP packets received from servers: 0
DHCPOFFER packets received: 0
DHCPACK packets received: 0
DHCPNAK packets received: 0
BOOTPREPLY packets received: 0
DHCP packets relayed to servers: 0
DHCPDISCOVER packets relayed: 0
DHCPREQUEST packets relayed: 0
DHCPINFORM packets relayed: 0
DHCPRELEASE packets relayed: 0
DHCPDECLINE packets relayed: 0
BOOTPREQUEST packets relayed: 0
DHCP packets relayed to clients: 0
DHCPOFFER packets relayed: 0
DHCPACK packets relayed: 0
DHCPNAK packets relayed: 0
BOOTPREPLY packets relayed: 0
DHCP packets sent to servers: 0
DHCPDISCOVER packets sent: 0
DHCPREQUEST packets sent: 0
DHCPINFORM packets sent: 0
DHCPRELEASE packets sent: 0
DHCPDECLINE packets sent: 0
BOOTPREQUEST packets sent: 0
DHCP packets sent to clients: 0
DHCPOFFER packets sent: 0
DHCPACK packets sent: 0
DHCPNAK packets sent: 0
BOOTPREPLY packets sent: 0
# Display DHCP packet statistics related to every server group on the relay agent.
<Sysname> display dhcp relay statistics server-group all
DHCP relay server-group #0
Packet type Packet number
Client -> Server:
DHCPDISCOVER 0
DHCPREQUEST 0
DHCPINFORM 0
DHCPRELEASE 0
DHCPDECLINE 0
BOOTPREQUEST 0
Server -> Client:
DHCPOFFER 0
DHCPACK 0
DHCPNAK 0
BOOTPREPLY 0
reset dhcp relay statistics
Syntax
reset dhcp relay statistics [ server-group group-id ]
View
User view
Default Level
1: Monitor level
Parameters
server-group group-id: Specifies a server group ID (in the range of 0 to 19) about which to remove statistics from the relay agent.
Description
Use the reset dhcp relay statistics command to remove statistics from the relay agent.
If no server-group is specified, all statistics will be removed from the relay agent.
Related commands: display dhcp relay statistics.
Examples
# Remove all statistics from the DHCP relay agent.
<Sysname> reset dhcp relay statistics
When multiple VLAN interfaces having the same MAC address use DHCP for IP address acquisition via a relay agent, the DHCP server cannot be the Windows 2000 Server or Windows 2003 Server.
DHCP Client Configuration Commands
display dhcp client
Syntax
display dhcp client [ verbose ] [ interface interface-type interface-number ]
View
Any view
Default Level
1: Monitor level
Parameters
verbose: Specifies verbose DHCP client information to be displayed.
interface interface-type interface-number: Specifies an interface of which to display DHCP client information.
Description
Use the display dhcp client command to display DHCP client information. If no interface interface-type interface-number is specified, DHCP client information of all interfaces will be displayed.
Examples
# Display DHCP client information of all interfaces.
<Sysname> display dhcp client
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
DHCP server: 40.1.1.2
# Display verbose DHCP client information.
<Sysname> display dhcp client verbose
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
Lease from 2005.08.13 15:37:59 to 2005.08.16 15:37:59
DHCP server: 40.1.1.2
Transaction ID: 0x1c09322d
Default router: 40.1.1.2
Classless static route:
Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16
Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16
DNS server: 44.1.1.11
DNS server: 44.1.1.12
Domain name: ddd.com
Boot server: 200.200.200.200 1.1.1.1
Client ID: 3030-3066-2e65-3234-
392e-3830-3438-2d56-
6c61-6e2d-696e-7465-
7266-6163-6531
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.
Table 2-1 display dhcp client command output description
|
Field |
Description |
|
Vlan-interface1 DHCP client information |
Information of the interface acting as the DHCP client |
|
Current machine state |
Current state of the DHCP client, which can be: l HALT: Indicates that the client stops applying for an IP address. l INIT: Indicates the initialization state. l SELECTING: Indicates that the client has sent out a DHCP-DISCOVER message in search of a DHCP server and is waiting for the response from DHCP servers. l REQUESTING: Indicates that the client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from DHCP servers. l BOUND: Indicates that the client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully. l RENEWING: Indicates that the T1 timer expires. l REBOUNDING: Indicates that the T2 timer expires. |
|
Allocated IP |
The IP address allocated by the DHCP server |
|
Allocated lease |
The allocated lease time |
|
T1 |
The 1/2 lease time (in seconds) of the DHCP client IP address |
|
T2 |
The 7/8 lease time (in seconds) of the DHCP client IP address |
|
Lease from….to…. |
The start and end time of the lease. |
|
DHCP Server |
DHCP server IP address that assigned the IP address |
|
Transaction ID |
Transaction ID, a random number chosen by the client to identify an IP address allocation. |
|
Default router |
The gateway address assigned to the client |
|
Classless static route |
Classless static routes assigned to the client |
|
Static route |
Classful static routes assigned to the client |
|
DNS server |
The DNS server address assigned to the client |
|
Domain name |
The domain name suffix assigned to the client |
|
Boot server |
PXE server addresses (up to 16 addresses) specified for the DHCP client, which are obtained through Option 43. |
|
Client ID |
Client ID |
|
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds. |
How long the T1 (1/2 lease time) timer will timeout. |
ip address dhcp-alloc
Syntax
ip address dhcp-alloc [ client-identifier mac interface-type interface-number ]
undo ip address dhcp-alloc
View
Interface view
Default Level
2: System level
Parameters
client-identifier mac interface-type interface-number: Specifies the MAC address of an interface using which as the client ID to obtain an IP address.
Description
Use the ip address dhcp-alloc command to configure an interface to use DHCP for IP address acquisition.
Use the undo ip address dhcp-alloc command to cancel an interface from using DHCP.
By default, an interface does not use DHCP for IP address acquisition.
Note that:
l If no parameter is specified, the client uses a character string comprised of the current interface name and MAC address as its ID for address acquisition.
l The DHCP client sends a DHCP-RELEASE message for releasing the IP address obtained via DHCP, if the interface of the client is down, the message cannot be sent.
Examples
# Configure VLAN-interface 1 to use DHCP for IP address acquisition.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address dhcp-alloc
The DHCP snooping enabled device does not work if it is between the DHCP relay agent and DHCP server, and it can work when it is between the DHCP client and relay agent or between the DHCP client and server.
DHCP Snooping Configuration Commands
dhcp-snooping
Syntax
dhcp-snooping
undo dhcp-snooping
View
System view
Default Level
2: System level
Parameters
None
Description
Use the dhcp-snooping command to enable DHCP snooping.
Use the undo dhcp-snooping command to disable DHCP snooping.
With DHCP snooping disabled, all ports can forward responses from any DHCP servers and does not record binding information about MAC addresses of DHCP clients and the obtained IP addresses.
By default, DHCP snooping is disabled.
Related commands: display dhcp-snooping.
Examples
# Enable DHCP snooping.
<Sysname> system-view
[Sysname] dhcp-snooping
dhcp-snooping information circuit-id format-type
Syntax
dhcp-snooping information circuit-id format-type { ascii | hex }
undo dhcp-snooping information circuit-id format-type
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Description
Use the dhcp-snooping information circuit-id format-type command to configure the code type for the non-user-defined circuit ID sub-option.
Use the undo dhcp-snooping information circuit-id format-type command to restore the default.
By default, the code type for the circuit ID sub-option depends on the padding format of Option 82. Each field has its own code type.
Note that:
This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option using the dhcp-snooping information circuit-id string command, ASCII is adopted as the code type.
Related commands: display dhcp-snooping information.
Examples
# Configure the padding format for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information circuit-id format-type ascii
dhcp-snooping information circuit-id string
Syntax
dhcp-snooping information [ vlan vlan-id ] circuit-id string circuit-id
undo dhcp-snooping information [ vlan vlan-id ] circuit-id string
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.
circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Description
Use the dhcp-snooping information circuit-id string command to configure the padding content for the user-defined circuit ID sub-option.
Use the undo dhcp-snooping information circuit-id string command to restore the default.
By default, the padding content for the circuit ID sub-option depends on the padding format of Option 82.
Note that:
l After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.
l If a VLAN is specified, the configured circuit ID sub-option only takes effect within the VLAN; if no VLAN is specified, the configured circuit ID sub-option takes effect in all VLANs. The former case has a higher priority; that is, the circuit ID sub-option specified for a VLAN will be padded for packets within the VLAN.
Related commands: dhcp-snooping information format, display dhcp-snooping information.
Examples
# Configure the global padding content for the user-defined circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information circuit-id string company001
dhcp-snooping information enable
Syntax
dhcp-snooping information enable
undo dhcp-snooping information enable
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
None
Description
Use the dhcp-snooping information enable command to configure DHCP snooping to support Option 82.
Use the undo dhcp-snooping information enable command to disable this function.
By default, DHCP snooping does not support Option 82.
Related commands: display dhcp-snooping information.
Examples
# Configure DHCP snooping to support Option 82.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
dhcp-snooping information format
Syntax
dhcp-snooping information format { normal | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp-snooping information format [ verbose node-identifier ]
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
normal: Specifies the normal padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.
l mac indicates using MAC address as the node identifier.
l sysname indicates using the device name of a node as the node identifier.
l user-defined node-identifier indicates using a specified character string as the node identifier, in which node-identifier is a string of 1 to 50 characters.
Description
Use the dhcp-snooping information format command to specify the padding format for Option 82.
Use the undo dhcp-snooping information format command to restore the default.
By default, the padding format for Option 82 is normal.
Note that when you use the undo dhcp-snooping information format command, if the verbose node-identifier argument is not specified, the padding format will be restored to normal; if the verbose node-identifier argument is specified, the padding format will be restored to verbose with MAC address as the node identifier.
Related commands: display dhcp-snooping information.
Examples
# Specify the padding format as verbose for Option 82.
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information strategy replace
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information format verbose
dhcp-snooping information remote-id format-type
Syntax
dhcp-snooping information remote-id format-type { ascii | hex }
undo dhcp-snooping information remote-id format-type
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Description
Use the dhcp-snooping information remote-id format-type command to configure the code type for the non-user-defined remote ID sub-option.
Use the undo dhcp-snooping information remote-id format-type command to restore the default.
By default, the code type for the remote ID sub-option is HEX.
Note that:
This command applies to configuring a non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option using the dhcp-snooping information remote-id string command, ASCII is adopted as the code type.
Related commands: display dhcp-snooping information.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information remote-id format-type ascii
dhcp-snooping information remote-id string
Syntax
dhcp-snooping information [ vlan vlan-id ] remote-id string { remote-id | sysname }
undo dhcp-snooping information [ vlan vlan-id ] remote-id string
View
Layer 2 Ethernet port view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.
remote-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Description
Use the dhcp-snooping information remote-id string command to configure the padding content for the user-defined remote ID sub-option.
Use the undo dhcp-snooping information remote-id string command to restore the default.
By default, the padding content for the remote ID sub-option depends on the padding format of Option 82.
Note that:
l After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.
l If a VLAN is specified, the configured remote ID sub-option only takes effect within the VLAN; if no VLAN is specified, the configured remote ID sub-option takes effect in all VLANs. The former case has a higher priority; that is, the remote ID sub-option configured for a VLAN will be padded for the packets within the VLAN.
If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string “Sysname” command.
Related commands: dhcp-snooping information format, display dhcp-snooping information.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information remote-id string device001
dhcp-snooping information strategy
Syntax
dhcp-snooping information strategy { drop | keep | replace }
undo dhcp-snooping information strategy
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default Level
2: System level
Parameters
drop: Drops the requesting message containing Option 82.
keep: Forwards the requesting message containing Option 82 without changing Option 82.
replace: Forwards the requesting message containing Option 82 after replacing the original Option 82 with the one padded in specified format.
Description
Use the dhcp-snooping information strategy command to configure the handling strategy for Option 82 in requesting messages.
Use the undo dhcp-snooping information strategy command to restore the default.
By default, the handling strategy for Option 82 in requesting messages is replace.
Related commands: display dhcp-snooping information.
Examples
# Configure the handling strategy for Option 82 in requesting messages as keep.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information strategy keep
dhcp-snooping trust
Syntax
dhcp-snooping trust [ no-user-binding ]
undo dhcp-snooping trust
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
no-user-binding: Specifies the port not to record the clients’ IP-to-MAC bindings in DHCP requests it receives. The command without this keyword records the IP-to-MAC bindings of clients.
Description
Use the dhcp-snooping trust command to configure a port as a trusted port.
Use the undo dhcp-snooping trust command to restore the default state of a port.
All ports are untrusted by default.
After enabling DHCP snooping, you need to specify the ports connected to the valid DHCP servers as trusted to ensure that DHCP clients can obtain valid IP addresses.
Related commands: display dhcp-snooping trust.
Examples
# Specify GigabitEthernet 1/0/1 as a trusted port and enable it to record the IP-to-MAC bindings of clients.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping trust
display dhcp-snooping
Syntax
display dhcp-snooping [ ip ip-address ]
View
Any view
Default Level
1: Monitor level
Parameters
ip ip-address: Displays the DHCP snooping entries corresponding to the specified IP address.
Description
Use the display dhcp-snooping command to display DHCP snooping entries.
Only the DHCP snooping entries containing IP-to-MAC bindings that are present both in the DHCP-ACK and DHCP-REQUEST messages are displayed by using the display dhcp-snooping command.
Related commands: dhcp-snooping, reset dhcp-snooping.
Examples
# Display all DHCP snooping entries.
<Sysname> display dhcp-snooping
DHCP Snooping is enabled.
The client binding table for all untrusted ports.
Type : D--Dynamic , S--Static
Type IP Address MAC Address Lease VLAN Interface
==== =============== =============== ========== ==== =================
D 10.1.1.1 00e0-fc00-0006 286 1 GigabitEthernet1/0/1
--- 1 dhcp-snooping item(s) found ---
Table 3-1 display dhcp snooping command output description
|
Field |
Description |
|
Type |
Binding type, which can be: l D: Dynamic IP-to-MAC binding. l S: Static IP-to-MAC binding. Currently, static IP-to-MAC bindings are not supported. |
|
IP Address |
IP address assigned to the DHCP client |
|
MAC Address |
MAC address of the DHCP client |
|
Lease |
Lease period left (in seconds) |
|
VLAN |
VLAN where the port connecting the DHCP client resides |
|
Interface |
Port to which the DHCP client is connected |
display dhcp-snooping information
Syntax
display dhcp-snooping information { all | interface interface-type interface-number }
View
Any view
Default Level
1: Monitor level
Parameters
all: Displays the Option 82 configuration information of all Layer 2 Ethernet interfaces.
interface interface-type interface-number: Displays the Option 82 configuration information of a specified interface.
Description
Use the display dhcp-snooping information command to display Option 82 configuration information on the DHCP snooping device.
Examples
# Display the Option 82 configuration information of all interfaces.
<Sysname> display dhcp-snooping information all
Interface: GigabitEthernet1/0/1
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: aabbcc
User defined:
Circuit ID: company001
display dhcp-snooping packet statistics
Syntax
display dhcp-snooping packet statistics
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display dhcp-snooping packet statistics command to display DHCP packet statistics on the DHCP snooping device.
Related commands: reset dhcp-snooping packet statistics.
Examples
# Display DHCP packet statistics on the DHCP snooping device.
<Sysname> display dhcp-snooping packet statistics
DHCP packets received : 100
DHCP packets sent : 200
Packets dropped due to rate limitation : 20
Dropped invalid packets : 0
display dhcp-snooping trust
Syntax
display dhcp-snooping trust
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display dhcp-snooping trust command to display information about trusted ports.
Related commands: dhcp-snooping trust.
Examples
# Display information about trusted ports.
<Sysname> display dhcp-snooping trust
DHCP Snooping is enabled.
DHCP Snooping trust becomes active.
Interface Trusted
========================= ============
GigabitEthernet1/0/1 Trusted
The above output shows that DHCP snooping is enabled, DHCP snooping trust is active, and port GigabitEthernet1/0/1 is trusted.
reset dhcp-snooping
Syntax
reset dhcp-snooping { all | ip ip-address }
View
User view
Default Level
1: Monitor level
Parameters
all: Clears all DHCP snooping entries.
ip ip-address: Clears the DHCP snooping entries of the specified IP address.
Description
Use the reset dhcp-snooping command to clear DHCP snooping entries.
DHCP snooping entries on all slots will be cleared after you execute this command.
Related commands: display dhcp-snooping.
Examples
# Clear all DHCP snooping entries.
<Sysname> reset dhcp-snooping all
reset dhcp-snooping packet statistics
Syntax
reset dhcp-snooping packet statistics
View
User view
Default Level
2: System level
Parameters
None
Description
Use the reset dhcp-snooping packet statistics command to clear DHCP packet statistics on the DHCP snooping device.
Related commands: display dhcp-snooping packet statistics.
Examples
# Clear DHCP packet statistics on the DHCP snooping device.
<Sysname> reset dhcp-snooping packet statistics
If several VLAN interfaces sharing the same MAC address obtain IP addresses through a BOOTP relay agent, the BOOTP server cannot be a Windows 2000 Server or Windows 2003 Server.
BOOTP Client Configuration Commands
display bootp client
Syntax
display bootp client [ interface interface-type interface-number ]
View
Any view
Default Level
1: Monitor level
Parameters
interface interface-type interface-number: Displays the BOOTP client information of the interface.
Description
Use the display bootp client command to display related information about a BOOTP client.
Note:
l If interface interface-type interface-number is not specified, the command will display information about BOOTP clients on all interfaces.
l If interface interface-type interface-number is specified, the command will display information about the BOOTP client on the specified interface.
Examples
# Display related information of the BOOTP client on VLAN-interface 1.
<Sysname> display bootp client interface vlan-interface 1
Vlan-interface1 BOOTP client information:
Allocated IP: 169.254.0.2 255.255.0.0
Transaction ID = 0x3d8a7431
Mac Address 00e0-fc0a-c3ef
Table 4-1 display bootp client command output description
|
Field |
Description |
|
Ethernet1/1 BOOTP client information or Vlan-interface1 BOOTP client information |
Information of the interface serving as a BOOTP client |
|
Allocated IP |
BOOTP client’s IP address allocated by the BOOTP server |
|
Transaction ID |
Value of the XID field in a BOOTP message, namely, a random number chosen while the BOOTP client sends a BOOTP request to the BOOTP server. It is used to match a response message from the BOOTP server. If the values of the XID field are different in the BOOTP response and request, the BOOTP client will drop the BOOTP response. |
|
Mac Address |
MAC address of a BOOTP client |
ip address bootp-alloc
Syntax
ip address bootp-alloc
undo ip address bootp-alloc
View
Interface view
Default Level
2: System level
Parameters
None
Description
Use the ip address bootp-alloc command to enable an interface to obtain an IP address through BOOTP.
Use the undo ip address bootp-alloc command to disable the interface from obtaining an IP address through BOOTP.
By default, an interface does not obtain an IP address through BOOTP.
Related commands: display bootp client.
Examples
# Configure VLAN-interface 1 to obtain IP address through BOOTP protocol.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address bootp-alloc
