Login
- Table of Contents
-
- 06-Layer 3 - IP Services Command Reference
- 00-Preface
- 01-ARP Commands
- 02-IP Addressing Commands
- 03-DHCP Commands
- 04-DNS Commands
- 05-NAT Commands
- 06-IP Forwarding Basics Commands
- 07-Adjacency Table Commands
- 08-IP Performance Optimization Commands
- 09-UDP Helper Commands
- 10-IPv6 Basics Commands
- 11-DHCPv6 Commands
- 12-IPv6 DNS Commands
- 13-Tunneling Commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 03-DHCP Commands | 408.33 KB |
Contents
DHCP server configuration commands
dhcp select server global-pool
dhcp server client-detect enable
dhcp server relay information enable
dhcp update arp (for DHCP server)
display dhcp server forbidden-ip
display dhcp server statistics
DHCP relay agent configuration commands
dhcp relay address-check enable
dhcp relay client-detect enable
dhcp relay information circuit-id format-type
dhcp relay information circuit-id string
dhcp relay information remote-id format-type
dhcp relay information remote-id string
dhcp relay information strategy
dhcp relay security refresh enable
display dhcp relay information
display dhcp relay security statistics
display dhcp relay security tracker
display dhcp relay server-group
DHCP client configuration commands
DHCP snooping configuration commands
dhcp-snooping binding database filename
dhcp-snooping binding database update interval
dhcp-snooping binding database update now
dhcp-snooping check mac-address
dhcp-snooping check request-message
dhcp-snooping information circuit-id format-type
dhcp-snooping information circuit-id string
dhcp-snooping information enable
dhcp-snooping information format
dhcp-snooping information remote-id format-type
dhcp-snooping information remote-id string
dhcp-snooping information strategy
dhcp-snooping information sub-option
display dhcp-snooping binding database
display dhcp-snooping information
display dhcp-snooping packet statistics
reset dhcp-snooping packet statistics
|
|
NOTE: · The switch supports two operation modes: standalone (default) and IRF. For more information about IRF mode, see IRF Configuration Guide. · The DHCP server configuration is supported only on Layer 3 Ethernet interfaces (or subinterfaces), VLAN interfaces, Layer 3 aggregate interfaces, and loopback interfaces. The subaddress pool configuration is not supported on loopback interfaces. |
bims-server
Syntax
bims-server ip ip-address [ port port-number ] sharekey key
undo bims-server
View
DHCP address pool view
Default level
2: System level
Parameters
ip ip-address: Specifies the IP address of a BIMS server.
port port-number: Specifies the port number of the BIMS server in the range of 1 to 65534.
sharekey key: Specifies a shared key for the BIMS server, a string of 1 to 16 characters.
Description
Use the bims-server command to specify the IP address, port number, and shared key of the BIMS server in the DHCP address pool for the client.
Use the undo bims-server command to remove the specified BIMS server information.
By default, no BIMS server information is specified.
If you execute the bims-server command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the IP address 1.1.1.1, port number 80, shared key aabbcc of the BIMS server in DHCP address pool 0 for the client.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] bims-server ip 1.1.1.1 port 80 sharekey aabbcc
bootfile-name
Syntax
bootfile-name bootfile-name
undo bootfile-name
View
DHCP address pool view
Default level
2: System level
Parameters
bootfile-name: Boot file name, a string of 1 to 63 characters.
Description
Use the bootfile-name command to specify a bootfile name in the DHCP address pool for the client.
Use the undo bootfile-name command to remove the specified bootfile name.
By default, no bootfile name is specified.
If you execute the bootfile-name command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the bootfile name aaa.cfg in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] bootfile-name aaa.cfg
dhcp enable (for DHCP server)
Syntax
dhcp enable
undo dhcp enable
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp enable command to enable DHCP.
Use the undo dhcp enable command to disable DHCP.
By default, DHCP is disabled.
|
|
NOTE: You need to enable DHCP before performing DHCP server and relay agent configurations. |
Examples
# Enable DHCP.
<Sysname> system-view
[Sysname] dhcp enable
dhcp server apply ip-pool
Syntax
dhcp server apply ip-pool pool-name
undo dhcp server apply ip-pool [ pool-name ]
View
Interface view
Default level
2: System level
Parameters
pool-name: DHCP address pool name, a case-insensitive string in the range of 1 to 35 characters.
Description
Use the dhcp server apply ip-pool command to apply an extended address pool on an interface.
Use the undo dhcp server apply ip-pool command to remove the configuration.
By default, no extended address pool is applied on an interface, and the server assigns an IP address from a common address pool to a client when the client's request arrives at the interface.
Note the following:
· If you execute the dhcp server apply ip-pool command on an interface, when a client's request arrives at the interface, the server attempts to assign the client the statically bound IP address first and then an IP address from this extended address pool.
· Only an extended address pool can be applied on an interface. The address pool to be referenced must already exist.
Related commands: dhcp server ip-pool.
Examples
# Apply extended DHCP address pool 0 on VLAN-interface 100.
<Sysname> system-view
[Sysname] interface vlan-interface 100
[Sysname-Vlan-interface100] dhcp server apply ip-pool 0
dhcp select server global-pool
Syntax
dhcp select server global-pool [ subaddress ]
undo dhcp select server global-pool [ subaddress ]
View
Interface view
Default level
2: System level
Parameters
subaddress: Supports secondary address allocation. When the DHCP server and client are on the same network segment, the server preferably assigns an IP address from an address pool that resides on the same subnet as the primary IP address of the server interface (connecting to the client). If the address pool contains no assignable IP address, the server assigns an IP address from an address pool that resides on the same subnet as the secondary IP addresses of the server interface. If the interface has multiple secondary IP addresses, each address pool is tried in turn for address allocation. Without the keyword subaddress specified, the DHCP server can only assign an IP address from the address pool that resides on the same subnet as the primary IP address of the server interface.
Description
Use the dhcp select server global-pool command to enable the DHCP server on specified interface(s). After the interface receives a DHCP request, the DHCP server will allocate an IP address from the address pool.
Use the undo dhcp select server global-pool command to remove the configuration. Upon receiving a DHCP request from a client, the interface will neither assign an IP address to the client, nor serve as a DHCP relay agent to forward the request.
Use the undo dhcp select server global-pool subaddress command to cancel the support for subaddress allocation.
By default, the DHCP server is enabled on an interface.
Examples
# Enable the DHCP server on VLAN-interface 2.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp select server global-pool
dhcp server client-detect enable
Syntax
dhcp server client-detect enable
undo dhcp server client-detect enable
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp server client-detect enable command to enable client off-line detection on the DHCP server.
Use the undo dhcp server client-detect enable command to disable the function.
By default, the function is disabled.
With this feature enabled, the DHCP server considers a DHCP client goes offline when the ARP entry for the client ages out. In addition, it removes the client entry and releases the IP address of the client.
Examples
# Enable client off-line detection on the DHCP server.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp server client-detect enable
dhcp server detect
Syntax
dhcp server detect
undo dhcp server detect
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp server detect command to enable unauthorized DHCP server detection.
Use the undo dhcp server detect command to disable the function.
By default, the function is disabled.
With this function enabled, upon receiving a DHCP request, the DHCP server will record the IP addresses of DHCP servers which ever offered IP addresses to the DHCP client and the receiving interface. Each server detected is recorded only once. The administrator can use this information from logs to check for unauthorized DHCP servers.
With unauthorized DHCP server detection enabled, the switch puts a record once for each DHCP server, and the administrator needs to find unauthorized DHCP servers from the log information.
Examples
# Enable unauthorized DHCP server detection.
<Sysname> system-view
[Sysname] dhcp server detect
dhcp server forbidden-ip
Syntax
dhcp server forbidden-ip low-ip-address [ high-ip-address ]
undo dhcp server forbidden-ip low-ip-address [ high-ip-address ]
View
System view
Default level
2: System level
Parameters
low-ip-address: Start IP address of the IP address range to be excluded from dynamic allocation.
high-ip-address: End IP address of the IP address range to be excluded from dynamic allocation. The end IP address must have a higher sequence than the start one.
Description
Use the dhcp server forbidden-ip command to exclude IP addresses from dynamic allocation.
Use the undo dhcp server forbidden-ip command to remove the configuration.
By default, all IP addresses in a DHCP address pool are assignable except IP addresses of the DHCP server interfaces.
Note the following:
· When you use the dhcp server forbidden-ip command to exclude an IP address that is bound to a user from dynamic assignment, the address can be still assigned to the user.
· When you use the undo dhcp server forbidden-ip command to remove the configuration, the specified address/address range must be consistent with the one specified with the dhcp server forbidden-ip command. If you have configured to exclude an address range from dynamic assignment, you need to specify the same address range in the undo dhcp server forbidden-ip command instead of specifying one IP address.
· Using the dhcp server forbidden-ip command repeatedly can exclude multiple IP address ranges from allocation.
Related commands: display dhcp server forbidden-ip, dhcp server ip-pool, network, and static-bind ip-address.
Examples
# Exclude the IP address range 10.110.1.1 to 10.110.1.63 from dynamic allocation.
<Sysname> system-view
[Sysname] dhcp server forbidden-ip 10.110.1.1 10.110.1.63
dhcp server ip-pool
Syntax
dhcp server ip-pool pool-name [ extended ]
undo dhcp server ip-pool pool-name
View
System view
Default level
2: System level
Parameters
pool-name: Global address pool name, which is a unique pool identifier, a string of 1 to 35 characters.
extended: Specifies the address pool as an extended address pool. If this keyword is not specified, the address pool is a common address pool.
Description
Use the dhcp server ip-pool command to create a DHCP address pool and enter its view. If the pool was created, you will directly enter its view.
Use the undo dhcp server ip-pool command to remove the specified DHCP address pool.
By default, no DHCP address pool is created.
Related commands: dhcp enable and display dhcp server tree.
Examples
# Create the common address pool identified by 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0]
dhcp server ping packets
Syntax
dhcp server ping packets number
undo dhcp server ping packets
View
System view
Default level
2: System level
Parameters
number: Number of ping packets, in the range of 0 to 10. 0 means no ping operation.
Description
Use the dhcp server ping packets command to specify the maximum number of ping packets on the DHCP server.
Use the undo dhcp server ping packets command to restore the default.
The number defaults to 1.
To avoid IP address conflicts, the DHCP server checks whether an IP address is in use before assigning it to a DHCP client.
The DHCP server pings the IP address to be assigned by using ICMP. If the server gets a response within the specified period, the server selects and pings another IP address. If not, the server pings the IP addresses once again until the specified number of ping packets are sent. If still no response is received, the server assigns the IP address to the requesting client.
Examples
# Specify the maximum number of ping packets as 10.
<Sysname> system-view
[Sysname] dhcp server ping packets 10
dhcp server ping timeout
Syntax
dhcp server ping timeout milliseconds
undo dhcp server ping timeout
View
System view
Default level
2: System level
Parameters
milliseconds: Response timeout value for ping packets in milliseconds, in the range of 0 to 10,000. 0 means no ping operation.
Description
Use the dhcp server ping timeout command to configure response timeout time of the ping packet on the DHCP server.
Use the undo dhcp server ping timeout command to restore the default.
The time defaults to 500 ms.
To avoid IP address conflicts, the DHCP server checks whether an IP address is in use before assigning it to a DHCP client.
The DHCP server pings the IP address to be assigned by using ICMP. If the server gets a response within the specified period, the server selects and pings another IP address. If not, the server pings the IP addresses once again until the specified number of ping packets are sent. If still no response is received, the server assigns the IP address to the requesting client.
Examples
# Specify the response timeout time as 1000 ms.
<Sysname> system-view
[Sysname] dhcp server ping timeout 1000
dhcp server relay information enable
Syntax
dhcp server relay information enable
undo dhcp server relay information enable
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp server relay information enable command to enable the DHCP server to handle Option 82.
Use the undo dhcp server relay information enable command to configure the DHCP server to ignore Option 82.
By default, the DHCP server handles Option 82.
Examples
# Configure the DHCP server to ignore Option 82.
<Sysname> system-view
[Sysname] undo dhcp server relay information enable
dhcp server threshold
Syntax
dhcp server threshold { allocated-ip threshold-value | average-ip-use threshold-value | max-ip-use threshold-value }
undo dhcp server threshold { allocated-ip | average-ip-use | max-ip-use }
View
System view
Default level
2: System level
Parameters
allocated-ip threshold-value: Enables the DHCP server to send trap messages to the network management server when the ratio of successfully allocated IP addresses to received DHCP requests within five minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.
average-ip-use threshold-value: Enables the DHCP server to send trap messages to the network management server when the average IP address utilization of an address pool within five minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.
max-ip-use threshold-value: Enables the DHCP server to send trap messages to the network management server when the maximum IP address utilization of an address pool within five minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.
Description
Use the dhcp server threshold command to enable the DHCP server to send trap messages to the network management server when the specified threshold is reached.
Use the undo dhcp server threshold command to restore the default.
By default, the DHCP server does not send trap messages to the network management server.
Examples
# Enable the DHCP server to send trap messages to the network management server when the ratio of successfully allocated IP addresses to received DHCP requests within five minutes exceeds 50%.
<Sysname> system-view
[Sysname] dhcp server threshold allocated-ip 50
# Enable the DHCP server to send trap messages to the network management server when the average IP address utilization of an address pool within five minutes exceeds 80%.
<Sysname> system-view
[Sysname] dhcp server threshold average-ip-use 80
# Enable the DHCP server to send trap messages to the network management server when the maximum IP address utilization of an address pool within five minutes exceeds 80%.
<Sysname> system-view
[Sysname] dhcp server threshold max-ip-use 80
dhcp update arp (for DHCP server)
|
|
NOTE: This command can be configured only on Ethernet interfaces that work in Layer 3 mode. For more information about the working mode of Ethernet interfaces, see Interface Configuration Guide. |
Syntax
dhcp update arp
undo dhcp update arp
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp update arp command to configure the DHCP server to support authorized ARP.
Use the undo dhcp update arp command to restore the default.
By default, the DHCP server does not support authorized ARP.
Examples
# Configure GigabitEthernet 3/0/1 of the current DHCP server to support authorized ARP.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] port link-mode route
[Sysname-GigabitEthernet3/0/1] dhcp update arp
display dhcp server conflict
Syntax
display dhcp server conflict { all | ip ip-address } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays information about all IP address conflicts.
ip-address: Displays conflict information for the specified IP address.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server conflict command to display information about IP address conflicts.
Related commands: reset dhcp server conflict.
Examples
# Display information about all IP address conflicts.
<Sysname> display dhcp server conflict all
Address Discover time
4.4.4.1 Apr 25 2007 16:57:20
4.4.4.2 Apr 25 2007 17:00:10
--- total 2 entry ---
Table 1 Output description
|
Field |
Description |
|
Address |
Conflicted IP address |
|
Discover Time |
Time when the conflict was discovered |
display dhcp server expired
Syntax
display dhcp server expired { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays the lease expiration information of all DHCP address pools.
ip ip-address: Displays the lease expiration information of a specified IP address.
pool [ pool-name ]: Displays the lease expiration information of a specified address pool. The pool name is a string of 1 to 35 characters. If the pool name is not specified, the lease expiration information of all address pools is displayed.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server expired command to display the lease expiration information of specified DHCP address pool(s) or an IP address.
DHCP will assign these expired IP addresses to DHCP clients after all addresses have been assigned.
Examples
# Display information about lease expirations in all DHCP address pools.
<Sysname> display dhcp server expired all
IP address Client-identifier/ Lease expiration Type
Hardware address
4.4.4.6 3030-3066-2e65-3230- Apr 25 2007 17:10:47 Release
302e-3130-3234-2d45-
7468-6572-6e65-7430-
2f31
--- total 1 entry ---
Table 2 Output description
|
Field |
Description |
|
IP address |
Expired IP addresses |
|
Client-identifier/Hardware address |
IDs or MACs of clients whose IP addresses were expired |
|
Lease expiration |
The lease expiration time |
|
Type |
Types of lease expirations. This field is set to Release. |
display dhcp server free-ip
Syntax
display dhcp server free-ip [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server free-ip command to display information about assignable IP addresses which have never been assigned.
Examples
# Display information about assignable IP addresses.
<Sysname> display dhcp server free-ip
IP Range from 10.0.0.1 to 10.0.0. 254
display dhcp server forbidden-ip
Syntax
display dhcp server forbidden-ip [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server forbidden-ip command to display IP addresses excluded from dynamic allocation in DHCP address pool.
Examples
# Display IP addresses excluded from dynamic allocation in the DHCP address pool.
<Sysname> display dhcp server forbidden-ip
Global:
IP Range from 1.1.0.2 to 1.1.0.3
IP Range from 1.1.1.2 to 1.1.1.3
Pool name: 2
1.1.1.5 1.1.1.6
Table 3 Output description
|
Field |
Description |
|
Global |
Globally excluded IP addresses specified with the dhcp server forbidden-ip command in system view. No address pool can assign these IP addresses. |
|
Pool name |
Excluded IP addresses specified with the forbidden-ip command in DHCP address pool view. They cannot be assigned from the current extended address pool only. |
display dhcp server ip-in-use
Syntax
display dhcp server ip-in-use { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays the binding information of all DHCP address pools.
ip ip-address: Displays the binding information of a specified IP address.
pool [ pool-name ]: Displays the binding information of a specified address pool. The pool name is a string of 1 to 35 characters. If no pool name is specified, the binding information of all address pools is displayed.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server ip-in-use command to display the binding information of DHCP address pool(s) or an IP address.
Related commands: reset dhcp server ip-in-use.
Examples
# Display the binding information of all DHCP address pools.
<Sysname> display dhcp server ip-in-use all
Pool utilization: 0.39%
IP address Client-identifier/ Lease expiration Type
Hardware address
10.1.1.1 4444-4444-4444 NOT Used Manual
10.1.1.2 3030-3030-2e30-3030- May 1 2009 14:02:49 Auto:COMMITTED
662e-3030-3033-2d45-
7468-6572-6e65-7430-
2f31
--- total 2 entry ---
Table 4 Output description
|
Field |
Description |
|
Pool utilization |
Utilization rate of a DHCP address pool · When the binding information of all DHCP address pools is displayed, this field displays the total utilization rate of all DHCP address pools. · When the binding information of a specific DHCP address pool is displayed, this field displays the utilization rate of the DHCP address pool. · When the binding information of a specific IP address is displayed, this field is not displayed. |
|
IP address |
Bound IP address |
|
Client-identifier/Hardware address |
Client’s ID or MAC of the binding |
|
Lease expiration |
Lease expiration time, which can be · Specific time (May 1 2009 14:02:49 in this example): Time when the lease expires · NOT Used: The IP address of the static binding has not been assigned to the specific client. · Unlimited: Infinite lease expiration time |
|
Type |
Binding types, including Manual, Auto:OFFERED and Auto:COMMITTED. · Manual: Static binding · Auto:OFFERED: The binding sent in the DHCP-OFFER message from the server to the client. · Auto:COMMITTED: The binding sent in the DHCP-ACK message from the server to the client. |
|
|
NOTE: In the output of the display dhcp server ip-in-use command, the lease duration of a used static binding is displayed as Unlimited instead of the actual lease duration. To view the actual lease duration, use the display this command in DHCP address pool view. |
display dhcp server statistics
Syntax
display dhcp server statistics [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server statistics command to display the statistics of the DHCP server.
Related commands: reset dhcp server statistics.
Examples
# Display the statistics on the DHCP server.
<Sysname> display dhcp server statistics
Global Pool:
Pool Number: 1
Binding:
Auto: 1
Manual: 0
Expire: 0
BOOTP Request: 10
DHCPDISCOVER: 5
DHCPREQUEST: 3
DHCPDECLINE: 0
DHCPRELEASE: 2
DHCPINFORM: 0
BOOTPREQUEST: 0
BOOTP Reply: 6
DHCPOFFER: 3
DHCPACK: 3
DHCPNAK: 0
BOOTPREPLY: 0
Bad Messages: 0
Table 5 Output description
|
Field |
Description |
|
Global Pool |
Statistics of a DHCP address pool |
|
Pool Number |
The number of address pools |
|
Auto |
The number of dynamic bindings |
|
Manual |
The number of static bindings |
|
Expire |
The number of expired bindings |
|
BOOTP Request |
The number of DHCP requests sent from DHCP clients to the DHCP server. the requests include: · DHCPDISCOVER · DHCPREQUEST · DHCPDECLINE · DHCPRELEASE · DHCPINFORM · BOOTPREQUEST |
|
BOOTP Reply |
The number of DHCP replies sent from the DHCP server to DHCP clients. The replies include: · DHCPOFFER · DHCPACK · DHCPNAK · BOOTPREPLY |
|
Bad Messages |
The number of erroneous messages |
display dhcp server tree
Syntax
display dhcp server tree { all | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays information of all DHCP address pools.
pool [ pool-name ]: Displays information of a specified address pool. The pool name argument is a string of 1 to 35 characters. If no pool name is specified, information of all address pools will be displayed.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server tree command to display information of DHCP address pool(s).
Examples
# Display information of all DHCP address pools.
<Sysname> display dhcp server tree all
Global pool:
Pool name: 0
network 20.1.1.0 mask 255.255.255.0
Sibling node:1
option 2 ip-address 1.1.1.1
expired 1 0 0 0
Pool name: 1
static-bind ip-address 10.10.1.2 mask 255.0.0.0
static-bind mac-address 00e0-00fc-0001
PrevSibling node:0
expired unlimited
Extended pool:
Pool name: 2
network ip range 1.1.1.0 1.1.1.255
network mask 255.255.255.0
expired 0 0 2 0
Table 6 Output description
|
Field |
Description |
|
Global pool |
Information of a common address pool |
|
Pool name |
Address pool name |
|
network |
Network segment for address allocation |
|
static-bind ip-address 10.10.1.2 mask 255.0.0.0 static-bind mac-address 00e0-00fc-0001 |
The IP address and MAC address of the static binding |
|
Sibling node |
The sibling node of the current node, nodes of this kind in the output information include: · Child node: The child node (subnet segment) address pool of the current node · Parent node: The parent node (nature network segment) address pool of the current node · Sibling node: The latter sibling node of the current node (another subnet of the same nature network). The earlier the sibling node is configured, the higher order the sibling node has. · PrevSibling node: The previous sibling node of the current node |
|
option |
Self-defined DHCP options |
|
expired |
The lease duration, in the format of day, hour, minute, and second |
|
Extended pool |
Information of an extended address pool |
|
network ip range |
Range of assignable IP addresses in the extended address pool |
|
network mask |
Mask of IP addresses assigned from the extended address pool |
dns-list
Syntax
dns-list ip-address&<1-8>
undo dns-list { ip-address | all }
View
DHCP address pool view
Default level
2: System level
Parameters
ip-address&<1-8>: DNS server IP address. &<1-8> means you can specify up to eight DNS server addresses separated by spaces.
all: Specifies all DNS server addresses to be removed.
Description
Use the dns-list command to specify DNS server addresses in a DHCP address pool.
Use the undo dns-list command to remove DNS server addresses from a DHCP address pool.
By default, no DNS server address is specified.
If you repeatedly use the dns-list command, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the DNS server address 10.1.1.254 for the DHCP client in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] dns-list 10.1.1.254
domain-name
Syntax
domain-name domain-name
undo domain-name
View
DHCP address pool view
Default level
2: System level
Parameters
domain-name: Domain name suffix for DHCP clients, a string of 1 to 50 characters.
Description
Use the domain-name command to specify a domain name suffix for the DHCP clients in the DHCP address pool.
Use the undo domain-name command to remove the specified domain name suffix.
No domain name suffix is specified by default.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify a domain name suffix of mydomain.com for the DHCP clients in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] domain-name mydomain.com
expired
Syntax
expired { day day [ hour hour [ minute minute [ second second ] ] ] | unlimited }
undo expired
View
DHCP address pool view
Default level
2: System level
Parameters
day day: Specifies the number of days, in the range of 0 to 365.
hour hour: Specifies the number of hours, in the range of 0 to 23.
minute minute: Specifies the number of minutes, in the range of 0 to 59.
second second: Specifies the number of seconds, in the range of 0 to 59.
unlimited: Specifies the infinite duration, which is actually 136 years.
Description
Use the expired command to specify the lease duration in a DHCP address pool.
Use the undo expired command to restore the default lease duration in a DHCP address pool.
By default, the lease duration of a static address pool is unlimited, and the lease duration of a dynamic address pool is one day.
|
|
NOTE: · The lease duration cannot be less than five seconds. · The specified lease duration takes effect for the static binding, but the lease duration displayed by the display dhcp server ip-in-use all command is still Unlimited. |
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the lease duration as one day, two hours, three minutes, and four seconds in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] expired day 1 hour 2 minute 3 second 4
forbidden-ip
Syntax
forbidden-ip ip-address&<1-8>
undo forbidden-ip { ip-address&<1-8> | all }
View
DHCP extended address pool view
Default level
2: System level
Parameters
ip-address&<1-8>: IP addresses to be excluded from dynamic allocation. &<1-8> indicates that you can specify up to eight IP addresses, separated with spaces.
all: Specifies all the IP addresses excluded from dynamic allocation.
Description
Use the forbidden-ip command to exclude IP addresses from dynamic allocation in an extended address pool.
Use the undo forbidden-ip command to cancel specified or all excluded IP addresses.
By default, all IP addresses in an extended address pool are assignable except the IP addresses of the DHCP server interfaces.
Note the following:
· Only the extended address pools support this command.
· IP addresses specified with the forbidden-ip command in DHCP address pool view are excluded from dynamic address allocation in the current extended address pool only. They are assignable in other address pools.
· Repeatedly using the forbidden-ip command can exclude multiple IP address ranges from dynamic allocation.
Related commands: dhcp server ip-pool and display dhcp server forbidden-ip.
Examples
# Exclude IP addresses 192.168.1.3 and 192.168.1.10 from dynamic allocation for extended address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] forbidden-ip 192.168.1.3 192.168.1.10
gateway-list
Syntax
gateway-list ip-address&<1-8>
undo gateway-list { ip-address | all }
View
DHCP address pool view
Default level
2: System level
Parameters
ip-address&<1-8>: Gateway IP address. &<1-8> means you can specify up to eight gateway addresses separated by spaces.
all: Specifies all gateway IP addresses to be removed.
Description
Use the gateway-list command to specify gateway address(es) in a DHCP address pool.
Use the undo gateway-list command to remove specified gateway address(es) specified for the DHCP client from a DHCP address pool.
By default, no gateway address is specified.
If you use the gateway-list command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the gateway address 10.110.1.99 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] gateway-list 10.110.1.99
nbns-list
Syntax
nbns-list ip-address&<1-8>
undo nbns-list { ip-address | all }
View
DHCP address pool view
Default level
2: System level
Parameters
ip-address&<1-8>: WINS server IP address. &<1-8> means you can specify up to eight WINS server addresses separated by spaces.
all: Specifies all WINS server addresses to be removed.
Description
Use the nbns-list command to specify WINS server address(es) in a DHCP address pool.
Use the undo nbns-list command to remove the specified WINS server address(es).
By default, no WINS server address is specified.
If you use the nbns-list command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool, netbios-type, and display dhcp server tree.
Examples
# Specify WINS server address 10.12.1.99 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] nbns-list 10.12.1.99
netbios-type
Syntax
netbios-type { b-node | h-node | m-node | p-node }
undo netbios-type
View
DHCP address pool view
Default level
2: System level
Parameters
b-node: Broadcast node. A b-node client sends the destination name in a broadcast message. The destination returns the name-to-IP mapping to the client after receiving the message.
p-node: Peer-to-peer node. A p-node client sends the destination name in a unicast message to the WINS server, and the WINS server returns the mapping to the client.
m-node: Mixed node, a combination of a b-node first and p-node second. An m-node client broadcasts the destination name, if there is no response, and then unicasts the destination name to the WINS server to get the mapping.
h-node: Hybrid node, a combination of a p-node first and b-node second. An h-node is a b-node with the peer-to-peer communication mechanism. An h-node client unicasts the destination name to the WINS server, if there is no response, and then broadcasts it to get the mapping from the destination.
Description
Use the netbios-type command to specify the client NetBIOS node type in a DHCP address pool.
Use the undo netbios-type command to remove the specified client NetBIOS node type.
By default, no NetBIOS node type is specified.
Related commands: dhcp server ip-pool, nbns-list, and display dhcp server tree.
Examples
# Specify the NetBIOS node type as b-node in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] netbios-type b-node
network
Syntax
network network-address [ mask-length | mask mask ]
undo network
View
DHCP address pool view
Default level
2: System level
Parameters
network-address: Network segment for dynamic allocation. If no mask length and mask is specified, the natural mask will be used.
mask-length: Mask length, in the range of 1 to 30.
mask mask: Specifies the IP address network mask, in dotted decimal format.
Description
Use the network command to specify the network segment for dynamic allocation in a DHCP address pool.
Use the undo network command to remove the specified network segment.
No IP address range is specified by default.
You can specify only one network segment for each DHCP global address pool. If you use the network command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify 192.168.8.0/24 as the network segment for dynamic allocation in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] network 192.168.8.0 mask 255.255.255.0
network ip range
Syntax
network ip range min-address max-address
undo network ip range
View
DHCP address pool view
Default level
2: System level
Parameters
min-address: Lowest IP address for dynamic allocation.
max-address: Highest IP address for dynamic allocation.
Description
Use the network ip range command to specify the IP address range for dynamic allocation in an address pool.
Use the undo network ip range command to remove the specified address range.
No IP address range is specified by default.
|
|
NOTE: · In a common address pool, you can use the network ip range command to further specify an IP address range on a subnet for address allocation. The specified IP address range must belong to the subnet, otherwise the common address pool cannot assign IP addresses. · You can specify only one IP address range for each extended address pool. If you use the network ip range command repeatedly, the latest configuration overwrites the previous one. |
Related commands: dhcp server ip-pool, network, and display dhcp server tree.
Examples
# Specify addresses 10.1.1.1 through 10.1.1.150 on subnet 10.1.1.0/24 as the address range for dynamic address allocation in common address pool 1.
<Sysname> system-view
[Sysname] dhcp server ip-pool 1
[Sysname-dhcp-pool-1] network 10.1.1.0 24
[Sysname-dhcp-pool-1] network ip range 10.1.1.1 10.1.1.150
# Specify addresses 192.168.8.1 through 192.168.8.150 as the address range for dynamic address allocation in extended address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] network ip range 192.168.8.1 192.168.8.150
network mask
Syntax
network mask mask
undo network mask
View
DHCP extended address pool view
Default level
2: System level
Parameters
mask: Network mask, in dotted decimal notation.
Description
Use the network mask command to specify the IP address mask for dynamic allocation in an extended address pool.
Use the undo network mask command to remove the specified IP address mask.
No IP address mask is specified by default.
Note the following:
· Only the extended address pools support this command.
· If you specify an IP address range for an extended address pool without an IP address mask, the extended address pool is not valid, and the system cannot assign IP addresses from the extended address pool.
Related commands: dhcp server ip-pool, network ip range, and display dhcp server tree.
Examples
# Specify 255.255.255.0 as the IP address mask for dynamic allocation in extended address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] network mask 255.255.255.0
next-server
Syntax
next-server ip-address
undo next-server
View
DHCP address pool view
Default level
2: System level
Parameters
ip-address: IP address of a server.
Description
Use the next-server command to specify the IP address of a server for DHCP clients.
Use the undo next-server command to remove the server’s IP address from the DHCP address pool.
By default, no server’s IP address is specified in the address pool on the DHCP server.
If you repeatedly execute this command, the new configuration overwrites the previous one.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify a server’s IP address 1.1.1.1 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] next-server 1.1.1.1
option
Syntax
option code { ascii ascii-string | hex hex-string&<1-16> | ip-address ip-address&<1-8> }
undo option code
View
DHCP address pool view
Default level
2: System level
Parameters
code: Self-defined option number, in the range of 2 to 254, excluding 12, 50 to 55, 57 to 61, and 82.
ascii ascii-string: Specifies an ASCII string with 1 to 255 characters.
hex hex-string&<1-16>: Specifies hex digit strings. &<1-16> indicates that you can specify up to 16 hex digit strings, separated by spaces. Each string contains 2, 4, 6 or 8 hex digits.
ip-address ip-address&<1-8>: Specifies IP addresses. &<1-8> indicates that you can specify up to eight IP addresses, separated by spaces.
Description
Use the option command to configure a self-defined DHCP option in a DHCP address pool.
Use the undo option command to remove a self-defined DHCP option from a DHCP address pool.
The option command is not configured by default.
If you use the option command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool and play dhcp server tree.
Examples
# Configure the hex digits 0x11 and 0x22 for the self-defined DHCP Option 100 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] option 100 hex 11 22
reset dhcp server conflict
Syntax
reset dhcp server conflict { all | ip ip-address }
View
User view
Default level
2: System level
Parameters
all: Clears the statistics of all IP address conflicts.
ip ip-address: Clears the conflict statistics of a specified IP address.
Description
Use the reset dhcp server conflict command to clear statistics of IP address conflict(s).
Related commands: display dhcp server conflict.
Examples
# Clears the statistics of all IP address conflicts.
<Sysname> reset dhcp server conflict all
reset dhcp server ip-in-use
Syntax
display dhcp server ip-in-use { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays the binding information of all DHCP address pools.
ip ip-address: Displays the binding information of a specified IP address.
pool [ pool-name ]: Displays the binding information of a specified address pool. The pool name is a string of 1 to 35 characters. If no pool name is specified, the binding information of all address pools is displayed.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp server ip-in-use command to display the binding information of DHCP address pool(s) or an IP address.
Related commands: reset dhcp server ip-in-use.
Examples
# Display the binding information of all DHCP address pools.
<Sysname> display dhcp server ip-in-use all
Pool utilization: 0.39%
IP address Client-identifier/ Lease expiration Type
Hardware address
10.1.1.1 4444-4444-4444 NOT Used Manual
10.1.1.2 3030-3030-2e30-3030- May 1 2009 14:02:49 Auto:COMMITTED
662e-3030-3033-2d45-
7468-6572-6e65-7430-
2f31
--- total 2 entry ---
Table 7 Output description
|
Field |
Description |
|
Pool utilization |
Utilization rate of IP addresses in a DHCP address pool, which is the ratio of assigned IP addresses to assignable IP addresses in the DHCP address pool. · When the binding information of all DHCP address pools is displayed, this field displays the total utilization rate of IP addresses in all DHCP address pools. · When the binding information of a specific DHCP address pool is displayed, this field displays the utilization rate of IP addresses in the DHCP address pool. · When the binding information of a specific IP address is displayed, this field is not displayed. |
|
IP address |
Bound IP address |
|
Client-identifier/Hardware address |
Client’s ID or MAC of the binding |
|
Lease expiration |
Lease expiration time, which can be · Specific time (May 1 2009 14:02:49 in this example): Time when the lease expires · NOT Used: The IP address of the static binding has not been assigned to the specific client. · Unlimited: Infinite lease expiration time |
|
Type |
Binding types, including Manual, Auto:OFFERED and Auto:COMMITTED. · Manual: Static binding · Auto:OFFERED: The binding sent in the DHCP-OFFER message from the server to the client. · Auto:COMMITTED: The binding sent in the DHCP-ACK message from the server to the client. |
reset dhcp server statistics
Syntax
reset dhcp server statistics
View
User view
Default level
2: System level
Parameters
None
Description
Use the reset dhcp server statistics command to clear the statistics of the DHCP server.
Related commands: display dhcp server statistics.
Examples
# Clear the statistics of the DHCP server.
<Sysname> reset dhcp server statistics
static-bind client-identifier
Syntax
static-bind client-identifier client-identifier
undo static-bind client-identifier
View
DHCP address pool view
Default level
2: System level
Parameters
client-identifier: The client ID of a static binding, a string with 4 to 160 characters in the format of H-H-H…, each H indicates 4 hex digits except the last H indicates 2 or 4 hex digits. For example, aabb-cccc-dd is a valid ID, while aabb-c-dddd and aabb-cc-dddd are both invalid.
Description
Use the static-bind client-identifier command to specify the client ID of a static binding in a DHCP address pool.
Use the undo static-bind client-identifier command to remove the client ID of a static binding from a DHCP address pool.
By default, no client ID is specified.
Note the following:
· Use the static-bind client-identifier command together with the static-bind ip-address command to accomplish a static binding configuration.
· The ID of the static binding of a client must be identical to the ID displayed by using the display dhcp client verbose command on the client. Otherwise, the client cannot obtain an IP address.
· If you use the static-bind client-identifier or static-bind mac-address command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool, static-bind ip-address, static-bind mac-address, display dhcp server tree, and display dhcp client verbose.
Examples
# Bind the client ID aaaa-bbbb to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[Sysname-dhcp-pool-0] static-bind client-identifier aaaa-bbbb
static-bind ip-address
Syntax
static-bind ip-address ip-address [ mask-length | mask mask ]
undo static-bind ip-address
View
DHCP address pool view
Default level
2: System level
Parameters
ip-address: IP address of a static binding. If no mask and mask length is specified, the natural mask is used.
mask-length: Mask length of the IP address. The number of ones in the mask, in the range of 1 to 30.
mask mask: Specifies the IP address mask, in dotted decimal format.
Description
Use the static-bind ip-address command to specify an IP address in a DHCP address pool for a static binding.
Use the undo static-bind ip-address command to remove the statically bound IP address.
By default, no IP address is statically bound in a DHCP address pool.
Note the following:
· Use the static-bind ip-address command together with the static-bind mac-address or static-bind client-identifier command to accomplish a static binding configuration.
· If the statically bound IP address is an interface address of the DHCP server, the static binding does not take effect.
· If you use the static-bind ip-address command repeatedly, the latest configuration overwrites the previous one.
Related commands: dhcp server ip-pool, static-bind client-identifier, static-bind mac-address, and display dhcp server tree.
Examples
# Bind the client MAC address 0000-e03f-0305 to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[Sysname-dhcp-pool-0] static-bind mac-address 0000-e03f-0305
static-bind mac-address
Syntax
static-bind mac-address mac-address
undo static-bind mac-address
View
DHCP address pool view
Default level
2: System level
Parameters
mac-address: The MAC address of a static binding, in the format of H-H-H.
Description
Use the static-bind mac-address command to statically bind a MAC address to an IP address in a DHCP address pool.
Use the undo static-bind mac-address command to remove the statically bound MAC address.
By default, no MAC address is statically bound.
Note the following:
· Use the static-bind mac-address command together with the static-bind ip-address command to complete a static binding configuration.
· The IP address of the static binding cannot be an interface address of the DHCP server. Otherwise, an IP address conflict may occur and the bound client cannot obtain an IP address correctly.
· If you use the static-bind mac-address or static-bind client-identifier command repeatedly, the latest configuration overwrites the previous one.
Relate command: dhcp server ip-pool, static-bind client-identifier, static-bind ip-address, and display dhcp server tree.
Examples
# Bind the client MAC address 0000-e03f-0305 to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[Sysname-dhcp-pool-0] static-bind mac-address 0000-e03f-0305
tftp-server domain-name
Syntax
tftp-server domain-name domain-name
undo tftp-server domain-name
View
DHCP address pool view
Default level
2: System level
Parameters
domain-name: TFTP server name, a string of 1 to 63 characters.
Description
Use the tftp-server domain-name command to specify a TFTP server name in a DHCP address pool.
Use the undo tftp-server domain-name command to remove the TFTP server name from a DHCP address pool.
By default, no TFTP server name is specified.
Using the tftp-server domain-name command repeatedly overwrites the previous configuration.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the TFTP server name as aaa in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] tftp-server domain-name aaa
tftp-server ip-address
Syntax
tftp-server ip-address ip-address
undo tftp-server ip-address
View
DHCP address pool view
Default level
2: System level
Parameters
ip-address: TFTP server IP address.
Description
Use the tftp-server ip-address command to specify the TFTP server IP address in a DHCP address pool.
Use the undo tftp-server ip-address command to remove the TFTP server IP address from a DHCP address pool.
By default, no TFTP server address is specified.
Using the tftp-server ip-address command repeatedly overwrites the previous configuration.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Specify the TFTP server address 10.1.1.1 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] tftp-server ip-address 10.1.1.1
vendor-class-identifier
Syntax
vendor-class-identifier hex-string&<1-255> ip range min-address max-address
undo vendor-class-identifier hex-string&<1-255>
View
DHCP extended address pool view
Default level
2: System level
Parameters
hex-string&<1-255>: A character string, which is used to match against Option 60 (vendor class identifier option). hex-string is a hexadecimal number ranging from 0 to FF. &<1-255> indicates that you can type up to 255 hexadecimal numbers, which are separated by spaces.
ip range min-address max-address: Specifies the IP address range for dynamic allocation. min-address is the lowest IP address and max-address is the highest IP address for dynamic allocation.
Description
Use the vendor-class-identifier command to specify an IP address range for the DHCP clients of a specified vendor.
Use the undo vendor-class-identifier command to restore the default.
By default, no IP address range is specified for the DHCP clients of any vendor.
After this feature is configured in an extended DHCP address pool, the DHCP server, when using the extended DHCP address pool to assign an IP address to a DHCP client, checks whether Option 60 in the DHCP request is the same as the character string configured with the vendor-class-identifier command. If yes, the DHCP server selects an IP address from the address range specified with this command. If not, the DHCP server selects one from the address range specified with the network ip range command.
Note the following:
· Only extended address pools support this command.
· The IP address range specified with this command must be included in that specified with the network ip range command.
Related commands: network ip range and network mask.
Examples
# Specify IP address rang 10.1.1.1 to 10.1.1.5 for the DHCP clients of vender a0 b0 0c.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] vendor-class-identifier a0 b0 0c ip range 10.1.1.1 10.1.1.5
voice-config
Syntax
voice-config { as-ip ip-address | fail-over ip-address dialer-string | ncp-ip ip-address | voice-vlan vlan-id { disable | enable } }
undo voice-config [ as-ip | fail-over | ncp-ip | voice-vlan ]
View
DHCP address pool view
Default level
2: System level
Parameters
as-ip ip-address: Specifies the IP address for the backup network calling processor. When the primary network calling processor is unavailable, the DHCP client uses the backup network calling processor.
fail-over ip-address dialer-string: Specifies the failover IP address and dialer string. The dialer-string is a string of 1 to 39 characters, which can be 0 to 9, and “*”.
ncp-ip ip-address: Specifies the IP address for the primary network calling processor.
voice-vlan vlan-id: Specifies the voice VLAN ID, in the range of 2 to 4094.
· disable: Disables the specified voice VLAN ID, meaning DHCP clients will not take this ID as their voice VLAN.
· enable: Enables the specified voice VLAN ID, meaning DHCP clients will take this ID as their voice VLAN.
Description
Use the voice-config command to configure specified Option 184 contents in a DHCP address pool.
Use the undo voice-config command to remove specified Option 184 contents from a DHCP address pool.
By default, no Option 184 content is configured.
You must specify the IP address of a network calling processor first to make other configured parameters take effect.
Related commands: dhcp server ip-pool and display dhcp server tree.
Examples
# Configure Option 184 in DHCP address pool 0: the primary network calling processor 10.1.1.1, backup network calling processor 10.2.2.2, voice VLAN ID 3 that is enabled, the failover IP address 10.3.3.3 and dialer string 99*.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] voice-config ncp-ip 10.1.1.1
[Sysname-dhcp-pool-0] voice-config as-ip 10.2.2.2
[Sysname-dhcp-pool-0] voice-config voice-vlan 3 enable
[Sysname-dhcp-pool-0] voice-config fail-over 10.3.3.3 99*
|
|
NOTE: The DHCP relay agent configuration is supported only on Layer 3 Ethernet interfaces (or subinterfaces), VLAN interfaces, and Layer 3 aggregate interfaces. |
dhcp relay address-check enable
Syntax
dhcp relay address-check enable
undo dhcp relay address-check enable
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp relay address-check enable command to enable address check on the relay agent.
Use the undo dhcp relay address-check enable command to disable address check on the relay agent.
By default, the function is disabled.
With this feature enabled, the DHCP relay agent can dynamically record clients’ IP-to-MAC bindings after clients get IP addresses through DHCP. It also supports static bindings. You can manually configure IP-to-MAC bindings on the DHCP relay agent, so that users can access external networks using fixed IP addresses.
Upon receiving an ARP packet, the DHCP relay agent matches the sender’s IP and MAC addresses in the packet against the bindings (both dynamic and static). If no match is found, the DHCP relay agent does not learn the ARP entry, and thus the sending host cannot access external networks via the DHCP relay agent.
Note the following:
· This command can be executed only on Layer 3 Ethernet interfaces (including subinterfaces) and VLAN interfaces.
· The dhcp relay address-check enable command only checks IP and MAC addresses of clients.
Examples
# Enable IP address match check on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay address-check enable
dhcp relay check mac-address
Syntax
dhcp relay check mac-address
undo dhcp relay check mac-address
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp relay check mac-address command to enable MAC address check on the DHCP relay agent.
Use the undo dhcp relay check mac-address command to disable MAC address check on the DHCP relay agent.
By default, this function is disabled.
With this function enabled, the DHCP relay agent compares the chaddr field of a received DHCP request with the source MAC address field of the frame. If they are the same, the DHCP relay agent decides this request as valid and forwards it to the DHCP server; if not, the DHCP request is discarded.
DHCP relay agents change the source MAC addresses when forwarding DHCP packets. Therefore, you can enable MAC address check only on a DHCP relay agent directly connected to the DHCP clients. Otherwise, valid DHCP packets may be discarded and clients cannot obtain IP addresses.
Examples
# Enable MAC address check on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] dhcp relay check mac-address
dhcp relay client-detect enable
Syntax
dhcp relay client-detect enable
undo dhcp relay client-detect enable
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp relay client-detect enable command to enable offline detection on the DHCP relay agent.
Use the undo dhcp relay client-detect enable command to disable offline detection on the DHCP relay agent.
By default, this function is disabled.
With this feature enabled, the DHCP relay agent considers a DHCP client goes offline when the ARP entry for the client ages out. In addition, it removes the client entry and sends a DHCP-RELEASE message to the DHCP server to release the IP address of the client.
Examples
# Enable offline detection on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] dhcp relay client-detect enable
dhcp relay information circuit-id format-type
Syntax
dhcp relay information circuit-id format-type { ascii | hex }
undo dhcp relay information circuit-id format-type
View
Interface view
Default level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Description
Use the dhcp relay information circuit-id format-type command to configure the code type for the non-user-defined circuit ID sub-option.
Use the undo dhcp relay information circuit-id format-type command to restore the default.
By default, the code type for the circuit ID sub-option depends on the specified padding format of Option 82. Each field has its own code type.
This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option using the dhcp relay information circuit-id string command, ASCII is adopted as the code type.
Related commands: display dhcp relay information.
Examples
# Configure the code type for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information circuit-id format-type ascii
dhcp relay information circuit-id string
Syntax
dhcp relay information circuit-id string circuit-id
undo dhcp relay information circuit-id string
View
Interface view
Default level
2: System level
Parameters
circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Description
Use the dhcp relay information circuit-id string command to configure the padding content for the user-defined circuit ID sub-option.
Use the undo dhcp relay information circuit-id string command to restore the default.
By default, the padding content for the circuit ID sub-option depends on the padding format of Option 82.
After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.
Related commands: dhcp relay information format and display dhcp relay information.
Examples
# Configure the padding content for the circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information circuit-id string company001
dhcp relay information enable
Syntax
dhcp relay information enable
undo dhcp relay information enable
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp relay information enable command to enable the relay agent to support Option 82.
Use the undo dhcp relay information enable command to disable Option 82 support.
By default, DHCP relay is not allowed to support Option 82.
Related commands: display dhcp relay information.
Examples
# Enable Option 82 support on the relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information enable
dhcp relay information format
Syntax
dhcp relay information format { normal | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp relay information format
View
Interface view
Default level
2: System level
Parameters
normal: Specifies the normal padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.
· mac indicates using MAC address as the node identifier.
· sysname indicates using the device name of a node as the node identifier.
· user-defined node-identifier indicates using a specified character string as the node identifier, in which node-identifier is a string with 1 to 50 characters.
Description
Use the dhcp relay information format command to specify a padding format for Option 82.
Use the undo dhcp relay information format command to restore the default padding format.
The Option 82 padding format defaults to normal.
|
|
NOTE: · If configuring the handling strategy of the DHCP relay agent as replace, you need to configure a padding format of Option 82. If the handling strategy is keep or drop, you need not configure any padding format. · If sub-option 1 (node identifier) of Option 82 is padded with the device name (sysname) of a node, the device name must contain no spaces. Otherwise, the DHCP relay agent will drop the message. |
Related commands: display dhcp relay information.
Examples
# Specify the verbose padding format for Option 82.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information enable
[Sysname-Vlan-interface2] dhcp relay information strategy replace
[Sysname-Vlan-interface2] dhcp relay information format verbose
dhcp relay information remote-id format-type
Syntax
dhcp relay information remote-id format-type { ascii | hex }
undo dhcp relay information remote-id format-type
View
Interface view
Default level
2: System view
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Description
Use the dhcp relay information remote-id format-type command to configure the code type for the non-user-defined remote ID sub-option.
Use the undo dhcp relay information remote-id format-type command to restore the default.
By default, the code type for the remote ID sub-option is HEX.
This command applies to configuring the non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option using the dhcp relay information remote-id string command, ASCII is adopted as the code type.
Related commands: display dhcp relay information.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information remote-id format-type ascii
dhcp relay information remote-id string
Syntax
dhcp relay information remote-id string { remote-id | sysname }
undo dhcp relay information remote-id string
View
Interface view
Default level
2: System level
Parameters
remote-id: Padding content for the user-defined remote ID sub-option, a case-sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Description
Use the dhcp relay information remote-id string command to configure the padding content for the user-defined remote ID sub-option.
Use the undo dhcp relay information remote-id string command to restore the default.
By default, the padding content for the remote ID sub-option depends on the padding format of Option 82.
After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.
Related commands: dhcp relay information format and display dhcp relay information.
|
|
NOTE: If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string “Sysname” command. |
Related commands: dhcp relay information format and display dhcp relay information.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information remote-id string device001
dhcp relay information strategy
Syntax
dhcp relay information strategy { drop | keep | replace }
undo dhcp relay information strategy
View
Interface view
Default level
2: System level
Parameters
drop: Specifies to drop messages containing Option 82.
keep: Specifies to forward messages containing Option 82 without any change.
replace: Specifies to forward messages containing Option 82 after replacing the original Option 82 with the Option 82 padded in the specified padding format.
Description
Use the dhcp relay information strategy command to configure DHCP relay agent handling strategy for messages containing Option 82.
Use the undo dhcp relay information strategy command to restore the default handling strategy.
The handling strategy for messages containing Option 82 defaults to replace.
Related commands: display dhcp relay information.
Examples
# Configure the DHCP relay agent handling strategy for messages containing Option 82 as keep.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay information enable
[Sysname-Vlan-interface2] dhcp relay information strategy keep
dhcp relay release ip
Syntax
dhcp relay release ip client-ip
View
System view
Default level
2: System level
Parameters
client-ip: DHCP client IP address.
Description
Use the dhcp relay release ip command to request the DHCP server to release a specified client IP address.
Examples
# Request the DHCP server to release the IP address 1.1.1.1.
<Sysname> system-view
[Sysname] dhcp relay release ip 1.1.1.1
dhcp relay security static
Syntax
dhcp relay security static ip-address mac-address [ interface interface-type interface-number ]
undo dhcp relay security { ip-address | all | dynamic | interface interface-type interface-number | static }
View
System view
Default level
2: System level
Parameters
ip-address: Client IP address for creating a static binding.
mac-address: Client MAC address for creating a static binding, in the format H-H-H.
interface interface-type interface-number: Specifies a Layer 3 interface connecting to the DHCP client. interface-type interface-number specifies the interface type and interface number.
all: Specifies all client entries to be removed.
dynamic: Specifies dynamic client entries to be removed.
static: Specifies manual client entries to be removed.
Description
Use the dhcp relay security static command to configure a static client entry. The binding between IP address, MAC address, and Layer 3 interface on the relay agent.
Use the undo dhcp relay security command to remove specified client entries from the relay agent.
No manual client entry is configured on the DHCP relay agent by default.
Note the following:
· When using the dhcp relay security static command to bind an interface to a static client entry, make sure that the interface is configured as a DHCP relay agent; otherwise, entry conflicts may occur.
· The undo dhcp relay security interface command is used to remove all the dynamic client entries from the interface.
Related commands: display dhcp relay security.
Examples
# Bind DHCP relay interface VLAN-interface 2 to IP address 10.10.1.1 and MAC address 0005-5d02-f2b3 of the client.
<Sysname> system-view
[Sysname] dhcp relay security static 10.10.1.1 0005-5d02-f2b3 interface vlan-interface 2
dhcp relay security refresh enable
Syntax
dhcp relay security refresh enable
undo dhcp relay security refresh enable
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp relay security refresh enable command to enable the DHCP relay agent to periodically refresh dynamic client entries.
Use the undo dhcp relay security refresh enable command to disable periodic refresh of dynamic client entries.
By default, the DHCP relay agent is enabled to periodically refresh dynamic client entries.
If you disable the DHCP relay agent from periodically refreshing dynamic client entries, such entries do not age automatically. You must manually remove a dynamic client entry on the DHCP relay agent if a client relinquishes its IP address,.
Related commands: dhcp relay security tracker and dhcp relay security static.
Examples
# Disable the DHCP relay agent from periodically refreshing dynamic client entries.
<Sysname> system-view
[Sysname] undo dhcp relay security refresh enable
dhcp relay security tracker
Syntax
dhcp relay security tracker { interval | auto }
undo dhcp relay security tracker [ interval ]
View
System view
Default level
2: System level
Parameters
interval: Refreshing interval in seconds, in the range of 1 to 120.
auto: Specifies the auto refreshing interval, which is the value of 60 seconds divided by the number of binding entries. Thus, the more entries are, the shorter interval is, but the shortest interval is no less than 500 ms.
Description
Use the dhcp relay security tracker command to set a refreshing interval at which the relay agent contacts the DHCP server for refreshing dynamic bindings.
Use the undo dhcp relay security tracker command to restore the default interval.
The default refreshing interval is auto, the value of 60 seconds divided by the number of binding entries.
Related commands: display dhcp relay security tracker.
Examples
# Set the refreshing interval as 100 seconds.
<Sysname> system-view
[Sysname] dhcp relay security tracker 100
dhcp relay server-detect
Syntax
dhcp relay server-detect
undo dhcp relay server-detect
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp relay server-detect command to enable unauthorized DHCP server detection.
Use the undo dhcp relay server-detect command to disable unauthorized DHCP server detection.
By default, unauthorized DHCP server detection is disabled.
With this function enabled, upon receiving a DHCP request, the DHCP relay agent will record the IP addresses of all DHCP servers which ever offered IP addresses to the DHCP client and the receiving interface. Each server detected is recorded only once. The administrator can use this information from logs to check for unauthorized DHCP servers.
After the information of recorded DHCP servers is cleared, the relay agent will re-record server information following this mechanism.
Examples
# Enable unauthorized DHCP server detection.
<Sysname> system-view
[Sysname] dhcp relay server-detect
dhcp relay server-group
Syntax
dhcp relay server-group group-id ip ip-address
undo dhcp relay server-group group-id [ ip ip-address ]
View
System view
Default level
2: System level
Parameters
group-id: DHCP server group number, in the range of 0 to 19.
ip ip-address: DHCP server IP address.
Description
Use the dhcp relay server-group command to specify a DHCP server for a DHCP server group.
Use the undo dhcp relay server-group command to remove a DHCP server from a DHCP server group, if no ip ip-address is specified, all servers in the DHCP server group and the server group itself will be removed.
By default, no DHCP server is specified for a DHCP server group.
Note the following:
· The IP address of a DHCP server and that of the interface of a client connected to a DHCP relay agent cannot be in the same network segment. Otherwise, the client may fail to obtain an IP address.
· If a server group has been correlated to multiple interfaces, you need to cancel these correlations before removing the server group.
Related commands: display dhcp relay server-group.
Examples
# Specify DHCP server 1.1.1.1 for DHCP server group 1 on the relay agent.
<Sysname> system-view
[Sysname] dhcp relay server-group 1 ip 1.1.1.1
dhcp relay server-select
Syntax
dhcp relay server-select group-id
undo dhcp relay server-select
View
Interface view
Default level
2: System level
Parameters
group-id: DHCP server group number to be correlated, in the range of 0 to 19.
Description
Use the dhcp relay server-select command to correlate specified interface(s) to a specified DHCP server group.
Use the undo dhcp relay server-select command to remove a configured correlation.
By default, no DHCP server group is correlated with an interface on the relay agent.
Note the following:
· A DHCP server group can correlate with one or multiple DHCP relay agent interfaces.
· A relay agent interface can only correlate with one DHCP server group, and a newly configured correlation overwrites the previous one. If the server group in the new correlation does not exist, the new configuration will not work. The interface still maintains the previous correlation.
· The DHCP server group referenced in this command should have been configured by using the dhcp relay server-group command.
Related commands: dhcp relay server-group and display dhcp relay.
Examples
# Correlate VLAN-interface 2 to DHCP server group 1.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp relay server-select 1
dhcp select relay
Syntax
dhcp select relay
undo dhcp select relay
View
Interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp select relay command to enable the relay agent on the current interface. Upon receiving requests from an enabled interface, the relay agent will forward these requests to outside DHCP servers for IP address allocation.
Use the undo dhcp select relay command to restore the default.
After DHCP is enabled, the DHCP server is enabled on an interface by default. Upon receiving a client’s request from the interface, the DHCP server allocates an IP address from the DHCP address pool to the client.
When the working mode of the interface is changed from DHCP server to DHCP relay agent, neither the IP address leases nor the authorized ARP entries will be deleted. However, these ARP entries may conflict with new ARP entries generated on the DHCP relay agent. H3C recommends you delete the existing IP address leases when changing the interface working mode to DHCP relay agent.
Examples
# Enable the DHCP relay agent on Vlan-interface 2.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] dhcp select relay
display dhcp relay
Syntax
display dhcp relay { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays information of DHCP server groups that all interfaces correspond to.
interface interface-type interface-number: Displays information of the DHCP server group that a specified interface corresponds to.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay command to display information about DHCP server groups correlated to an interface or all interfaces.
Examples
# Display information about DHCP server groups correlated to all interfaces.
<Sysname> display dhcp relay all
Interface name Server-group
Vlan-interface 2 1
Table 8 Output description
|
Field |
Description |
|
Interface name |
Interface name |
|
Server-group |
DHCP server group number correlated to the interface. |
display dhcp relay information
Syntax
display dhcp relay information { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays the Option 82 configuration information of all interfaces.
interface interface-type interface-number: Displays the Option 82 configuration information of a specified interface.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay information command to display Option 82 configuration information on the DHCP relay agent.
Examples
# Display the Option 82 configuration information of all interfaces.
<Sysname> display dhcp relay information all
Interface: Vlan-interface100
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: aabbcc
User defined:
Circuit ID: company001
Interface: Vlan-interface200
Status: Enable
Strategy: Keep
Format: Normal
Circuit ID format-type: HEX
Remote ID format-type: ASCII
User defined:
Remote ID: device001
Table 9 Output description
|
Field |
Description |
|
Interface |
Interface name |
|
Status |
Option 82 state, which can be Enable or Disable. |
|
Strategy |
Handling strategy for requesting messages containing Option 82, which can be Drop, Keep, or Replace. |
|
Format |
Padding format of Option 82, which can be Normal or Verbose. |
|
Circuit ID format-type |
Non-user-defined code type of the circuit ID sub-option, which can be ASCII or HEX. |
|
Remote ID format-type |
Non-user-defined code type of the remote ID sub-option, which can be ASCII or HEX. |
|
Node identifier |
Access node identifier |
|
User defined |
Content of user-defined sub-options |
|
Circuit ID |
User-defined padding content of the circuit ID sub-option |
|
Remote ID |
User-defined padding content of the remote ID sub-option |
display dhcp relay security
display dhcp relay security [ ip-address | dynamic | static ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
ip-address: Displays the binding information of an IP address.
dynamic: Displays information about dynamic bindings.
static: Displays information about static bindings.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay security command to display information about bindings of DHCP relay agents. If no parameter is specified, information about all bindings will be displayed.
You need to enable address check, authorized ARP support, or IP Source Guard on the DHCP relay agent before it can generate dynamic client entries. For more information about IP source guard, see Security Configuration Guide.
Examples
# Display information about all bindings.
<Sysname> display dhcp relay security
IP Address MAC Address Type Interface
10.1.1.5 00e0-0000-0000 Static Vlan2
--- 1 dhcp-security item(s) found ---
Table 10 Output description
|
Field |
Description |
|
IP Address |
Client IP address |
|
MAC Address |
Client MAC address |
|
Type |
Type of binding, including dynamic, static, and temporary. |
|
Interface |
Layer 3 interface connecting to the DHCP client. If no interface is recorded in the binding entry, “N/A” is displayed. |
display dhcp relay security statistics
Syntax
display dhcp relay security statistics [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay security statistics command to display statistics information about bindings of DHCP relay agents.
You need to enable address check, authorized ARP support, or IP source guard on the DHCP relay agent before it can generate dynamic client entries. For more information about IP source guard, see Security Configuration Guide.
Examples
# Display statistics about bindings of DHCP relay agents.
<Sysname> display dhcp relay security statistics
Static Items :1
Dynamic Items :0
Temporary Items :0
All Items :1
Table 11 Output description
|
Field |
Description |
|
Static Items |
Static binding items |
|
Dynamic Items |
Dynamic binding items |
|
Temporary Items |
Temporary binding items |
|
All Items |
All binding items |
display dhcp relay security tracker
Syntax
display dhcp relay security tracker [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay security tracker command to display the interval for refreshing dynamic bindings on the relay agent.
Examples
# Display the interval for refreshing dynamic bindings on the relay agent.
<Sysname> display dhcp relay security tracker
Current tracker interval : 10s
The interval is 10 seconds.
display dhcp relay server-group
Syntax
display dhcp relay server-group { group-id | all } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
group-id: Displays the information of the specified DHCP server group numbered from 0 to 19.
all: Displays the information of all DHCP server groups.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay server-group command to display the configuration information of a specified or all DHCP server groups.
Examples
# Display IP addresses of DHCP servers in DHCP server group 1.
<Sysname> display dhcp relay server-group 1
No. Group IP
1 1.1.1.1
2 1.1.1.2
Table 12 Output description
|
Field |
Description |
|
No. |
Sequence number |
|
Group IP |
IP address in the server group |
display dhcp relay statistics
Syntax
display dhcp relay statistics [ server-group { group-id | all } ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
group-id: Specifies a server group number in the range of 0 to 19 about which to display DHCP packet statistics.
all: Specifies all server groups about which to display DHCP packet statistics. Information for each group will be displayed.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp relay statistics command to display DHCP packet statistics related to a specified or all DHCP server groups.
If no parameter is specified, all DHCP packet statistics on the relay agent will be displayed.
Related commands: reset dhcp relay statistics.
Examples
# Display all DHCP packet statistics on the relay agent.
<Sysname> display dhcp relay statistics
Bad packets received: 0
DHCP packets received from clients: 0
DHCPDISCOVER packets received: 0
DHCPREQUEST packets received: 0
DHCPINFORM packets received: 0
DHCPRELEASE packets received: 0
DHCPDECLINE packets received: 0
BOOTPREQUEST packets received: 0
DHCP packets received from servers: 0
DHCPOFFER packets received: 0
DHCPACK packets received: 0
DHCPNAK packets received: 0
BOOTPREPLY packets received: 0
DHCP packets relayed to servers: 0
DHCPDISCOVER packets relayed: 0
DHCPREQUEST packets relayed: 0
DHCPINFORM packets relayed: 0
DHCPRELEASE packets relayed: 0
DHCPDECLINE packets relayed: 0
BOOTPREQUEST packets relayed: 0
DHCP packets relayed to clients: 0
DHCPOFFER packets relayed: 0
DHCPACK packets relayed: 0
DHCPNAK packets relayed: 0
BOOTPREPLY packets relayed: 0
DHCP packets sent to servers: 0
DHCPDISCOVER packets sent: 0
DHCPREQUEST packets sent: 0
DHCPINFORM packets sent: 0
DHCPRELEASE packets sent: 0
DHCPDECLINE packets sent: 0
BOOTPREQUEST packets sent: 0
DHCP packets sent to clients: 0
DHCPOFFER packets sent: 0
DHCPACK packets sent: 0
DHCPNAK packets sent: 0
BOOTPREPLY packets sent: 0
# Display DHCP packet statistics related to every server group on the relay agent.
<Sysname> display dhcp relay statistics server-group all
DHCP relay server-group #0
Packet type Packet number
Client -> Server:
DHCPDISCOVER 0
DHCPREQUEST 0
DHCPINFORM 0
DHCPRELEASE 0
DHCPDECLINE 0
BOOTPREQUEST 0
Server -> Client:
DHCPOFFER 0
DHCPACK 0
DHCPNAK 0
BOOTPREPLY 0
reset dhcp relay statistics
Syntax
reset dhcp relay statistics [ server-group group-id ]
View
User view
Default level
1: Monitor level
Parameters
server-group group-id: Specifies a server group ID (in the range of 0 to 19) about which to remove statistics from the relay agent.
Description
Use the reset dhcp relay statistics command to remove statistics from the relay agent.
If no server-group is specified, all statistics will be removed from the relay agent.
Related commands: display dhcp relay statistics.
Examples
# Remove all statistics from the DHCP relay agent.
<Sysname> reset dhcp relay statistics
|
|
NOTE: · The DHCP client configuration is supported only on Layer 3 Ethernet interfaces (or subinterfaces), VLAN interfaces, and Layer 3 aggregate interfaces. · An interface in an aggregation group cannot be enabled with the DHCP client. · To enable multiple VLAN interfaces with the same MAC address to use the DHCP client to get IP addresses via a relay agent, the DHCP server must not run on Windows Server 2000 or Windows Server 2003. |
display dhcp client
Syntax
display dhcp client [ verbose ] [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
verbose: Displays detailed DHCP client information.
interface interface-type interface-number: Displays DHCP client information for the specified interface.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp client command to display DHCP client information. If no interface is specified, this command displays DHCP client information for all interfaces.
Examples
# Display DHCP client information for all interfaces.
<Sysname> display dhcp client
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
DHCP server: 40.1.1.2
# Display verbose DHCP client information.
<Sysname> display dhcp client verbose
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
Lease from 2005.08.13 15:37:59 to 2005.08.16 15:37:59
DHCP server: 40.1.1.2
Transaction ID: 0x1c09322d
Default router: 40.1.1.2
Classless static route:
Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16
Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16
DNS server: 44.1.1.11
DNS server: 44.1.1.12
Domain name: ddd.com
Boot server: 200.200.200.200 1.1.1.1
Client ID: 3030-3066-2e65-3234-
392e-3830-3438-2d56-
6c61-6e2d-696e-7465-
7266-6163-6531
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.
Table 13 Output description
|
Field |
Description |
|
Vlan-interface1 DHCP client information |
Interface enabled with the DHCP client |
|
Current machine state |
Current state of the DHCP client, which can be: · HALT—Indicates that the client stops applying for an IP address. · INIT—Indicates the initialization state. · SELECTING—Indicates that the client has sent out a DHCP-DISCOVER message in search of a DHCP server and is waiting for the response from DHCP servers. · REQUESTING—Indicates that the client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from DHCP servers. · BOUND—Indicates that the client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully. · RENEWING—Indicates that the T1 timer expires. · REBOUNDING—Indicates that the T2 timer expires. |
|
Allocated IP |
IP address allocated by the DHCP server |
|
Allocated lease |
Allocated lease time |
|
T1 |
1/2 lease time (in seconds) of the DHCP client IP address |
|
T2 |
7/8 lease time (in seconds) of the DHCP client IP address |
|
Lease from….to…. |
Start and end time of the lease. |
|
DHCP Server |
DHCP server IP address that assigned the IP address |
|
Transaction ID |
Transaction ID, a random number chosen by the client to identify an IP address allocation. |
|
Default router |
Gateway address assigned to the client |
|
Classless static route |
Classless static routes assigned to the client |
|
Static route |
Classful static routes assigned to the client |
|
DNS server |
DNS server address assigned to the client |
|
Domain name |
Domain name suffix assigned to the client |
|
Boot server |
PXE server addresses (up to 16 addresses) specified for the DHCP client, which are obtained through Option 43. |
|
Client ID |
Client ID |
|
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds. |
How long the T1 (1/2 lease time) timer will expire. |
ip address dhcp-alloc
Syntax
ip address dhcp-alloc [ client-identifier mac interface-type interface-number ]
undo ip address dhcp-alloc
View
Interface view
Default level
2: System level
Parameters
client-identifier mac interface-type interface-number: Specifies the MAC address of the interface as the client ID for address acquisition.
Description
Use the ip address dhcp-alloc command to enable the DHCP client on the interface.
Use the undo ip address dhcp-alloc command to disable the DHCP client on the interface.
By default, an interface does not use DHCP for IP address acquisition.
|
|
NOTE: · If no parameter is specified, the client uses a character string comprised of the current interface name and MAC address as the client ID for address acquisition. · If you release the IP address of the interface, the DHCP client sends a DHCP-RELEASE message to inform the server to release the IP address. · If a sub interface has obtained an IP address by using the DHCP client, using the shutdown command on the primary interface does not make the DHCP client send a DHCP-RELEASE message for releasing the sub interface’s IP address. |
Examples
# Enable the DHCP client on VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address dhcp-alloc
dhcp-snooping
Syntax
dhcp-snooping
undo dhcp-snooping
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp-snooping command to enable DHCP snooping.
Use the undo dhcp-snooping command to disable DHCP snooping.
With DHCP snooping disabled, all ports can forward responses from any DHCP servers and does not record binding information about MAC addresses of DHCP clients and the obtained IP addresses.
By default, DHCP snooping is disabled.
Related commands: display dhcp-snooping.
Examples
# Enable DHCP snooping.
<Sysname> system-view
[Sysname] dhcp-snooping
dhcp-snooping binding database filename
Syntax
dhcp-snooping binding database filename filename
undo dhcp-snooping binding database filename
View
System view
Default level
2: System level
Parameters
filename: File name. For how to define the file name, see Fundamentals Configuration Guide.
Description
Use the dhcp-snooping binding database filename command to specify the name of the file for storing DHCP snooping bindings.
Use the undo dhcp-snooping binding database filename to restore the default.
By default, no file name is specified.
Note the following:
· If no file with the specified name is found, the switch will automatically create the file upon storing a DHCP snooping binding.
· DHCP snooping bindings are stored immediately after this command is used, and then updated at the interval set by the dhcp-snooping binding database update interval command.
· If you specify a subdirectory in the name of the file that stores DHCP snooping entries, make sure that the subdirectory is available on each MPU. Otherwise, the system will fail to create the file on MPUs without the specified subdirectory. To solve this problem, cancel the current configuration and specify a new subdirectory in the file name.
Related commands: dhcp-snooping binding database update interval.
Examples
# Specify the name of the file for storing DHCP snooping bindings as database.dhcp.
<Sysname> system-view
[Sysname] dhcp-snooping binding database filename database.dhcp
dhcp-snooping binding database update interval
Syntax
dhcp-snooping binding database update interval minutes
undo dhcp-snooping binding database update interval
View
System view
Default level
2: System level
Parameters
minutes: Refresh interval in minutes, in the range of 1 to 14400.
Description
Use the dhcp-snooping binding database update interval command to set the interval at which the DHCP snooping binding file is refreshed.
Use the undo dhcp-snooping binding database update interval command to restore the default.
By default, the DHCP snooping binding file is not refreshed periodically.
Note the following:
· With this command configured, DHCP snooping will check bindings periodically. If a binding is added or removed during an interval, DHCP snooping will add or remove this binding to or from the file at the end of this interval; if no change occurs within the interval, DHCP snooping will not refresh the file.
· This command takes effect only when the DHCP snooping binding file is specified.
Related commands: dhcp-snooping binding database filename.
Examples
# Configure the DHCP snooping binding file to be refreshed every 10 minutes.
<Sysname> system-view
[Sysname] dhcp-snoooping binding database update interval 10
dhcp-snooping binding database update now
Syntax
dhcp-snooping binding database update now
View
System view
Default level
2: System level
Parameters
None
Description
Use the dhcp-snooping binding database update now command to store DHCP snooping bindings to the file.
Note the following:
· DHCP snooping bindings will be stored to the file each time this command is used.
· This command takes effect only when the DHCP snooping binding file is specified.
Related commands: dhcp-snooping binding database filename.
Examples
# Store DHCP snooping bindings to the file.
<Sysname> system-view
[Sysname] dhcp-snooping binding database update now
dhcp-snooping check mac-address
Syntax
dhcp-snooping check mac-address
undo dhcp-snooping check mac-address
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp-snooping check mac-address command to enable MAC address check on a DHCP snooping switch.
Use the undo dhcp-snooping check mac-address command to disable MAC address check of DHCP snooping.
By default, this function is disabled.
With this function enabled, the DHCP snooping switch compares the chaddr field of a received DHCP request with the source MAC address field in the frame. If they are the same, the DHCP snooping switch decides this request valid and forwards it to the DHCP server. If not, the DHCP request is discarded.
Examples
# Enable MAC address check of DHCP snooping.
<Sysname> system-view
[Sysname] interface GigabitEthernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping check mac-address
dhcp-snooping check request-message
Syntax
dhcp-snooping check request-message
undo dhcp-snooping check request-message
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp-snooping check request-message command to enable DHCP-REQUEST message check of DHCP snooping.
Use the undo dhcp-snooping check request-message command to disable DHCP-REQUEST message check of the DHCP snooping.
By default, this function is disabled.
With this function enabled, upon receiving a DHCP-REQUEST message, a DHCP snooping switch searches local DHCP snooping entries for the corresponding entry of the message. If an entry is found, the DHCP snooping switch compares the entry with the message information. If they are consistent, the DHCP-REQUEST message is considered as valid lease renewal request and forwarded to the DHCP server. If they are not consistent, the messages is considered as forged lease renewal request and discarded. If no corresponding entry is found locally, the message is considered valid and forwarded to the DHCP server.
Examples
# Enable DHCP-REQUEST message check of DHCP snooping.
<Sysname> system-view
[Sysname] interface GigabitEthernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping check request-message
dhcp-snooping information circuit-id format-type
Syntax
dhcp-snooping information circuit-id format-type { ascii | hex }
undo dhcp-snooping information circuit-id format-type
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Description
Use the dhcp-snooping information circuit-id format-type command to configure the code type for the non-user-defined circuit ID sub-option.
Use the undo dhcp-snooping information circuit-id format-type command to restore the default.
By default, the code type for the circuit ID sub-option depends on the padding format of Option 82. Each field has its own code type.
This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option using the dhcp-snooping information circuit-id string command, ASCII is adopted as the code type. The private padding format supports only the hex code type.
Related commands: display dhcp-snooping information and dhcp-snooping information format.
Examples
# Configure the padding format for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information circuit-id format-type ascii
dhcp-snooping information circuit-id string
Syntax
dhcp-snooping information [ vlan vlan-id ] circuit-id string circuit-id
undo dhcp-snooping information [ vlan vlan-id ] circuit-id string
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.
circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Description
Use the dhcp-snooping information circuit-id string command to configure the padding content for the user-defined circuit ID sub-option.
Use the undo dhcp-snooping information circuit-id string command to restore the default.
By default, the padding content for the circuit ID sub-option depends on the padding format of Option 82.
Note the following:
· After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.
· If a VLAN is specified, the configured circuit ID sub-option only takes effect within the VLAN; if no VLAN is specified, the configured circuit ID sub-option takes effect in all VLANs. The former case has a higher priority. The circuit ID sub-option specified for a VLAN will be padded for packets within the VLAN.
Related commands: dhcp-snooping information format and display dhcp-snooping information.
Examples
# Configure the global padding content for the user-defined circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information circuit-id string company001
dhcp-snooping information enable
Syntax
dhcp-snooping information enable
undo dhcp-snooping information enable
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
None
Description
Use the dhcp-snooping information enable command to configure DHCP snooping to support Option 82.
Use the undo dhcp-snooping information enable command to disable this function.
By default, DHCP snooping does not support Option 82.
Related commands: display dhcp-snooping information.
Examples
# Configure DHCP snooping to support Option 82.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information enable
dhcp-snooping information format
Syntax
dhcp-snooping information format { normal | private private | standard | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp-snooping information format
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
normal: Specifies the normal padding format.
private private: Specifies the private padding format. The private value can only be 1, which represents the private padding format.
standard: Specifies the standard padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.
· mac indicates using MAC address as the node identifier.
· sysname indicates using the device name of a node as the node identifier.
· user-defined node-identifier indicates using a specified character string as the node identifier, in which node-identifier is a string of 1 to 50 characters.
Description
Use the dhcp-snooping information format command to specify the padding format for Option 82.
Use the undo dhcp-snooping information format command to restore the default.
By default, the padding format for Option 82 is normal.
When you use the undo dhcp-snooping information format command, if the verbose node-identifier argument is not specified, the padding format will be restored to normal; if the verbose node-identifier argument is specified, the padding format will be restored to verbose with MAC address as the node identifier.
Related commands: display dhcp-snooping information.
Examples
# Specify the padding format as verbose for Option 82.
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information strategy replace
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information format verbose
dhcp-snooping information remote-id format-type
Syntax
dhcp-snooping information remote-id format-type { ascii | hex }
undo dhcp-snooping information remote-id format-type
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Description
Use the dhcp-snooping information remote-id format-type command to configure the code type for the non-user-defined remote ID sub-option.
Use the undo dhcp-snooping information remote-id format-type command to restore the default.
By default, the code type for the remote ID sub-option is HEX.
This command applies to configuring a non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option using the dhcp-snooping information remote-id string command, ASCII is adopted as the code type. The private padding format supports only the hex code type.
Related commands: display dhcp-snooping information and dhcp-snooping information format.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information remote-id format-type ascii
dhcp-snooping information remote-id string
Syntax
dhcp-snooping information [ vlan vlan-id ] remote-id string { remote-id | sysname }
undo dhcp-snooping information [ vlan vlan-id ] remote-id string
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.
remote-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Description
Use the dhcp-snooping information remote-id string command to configure the padding content for the user-defined remote ID sub-option.
Use the undo dhcp-snooping information remote-id string command to restore the default.
By default, the padding content for the remote ID sub-option depends on the padding format of Option 82.
Note the following:
· After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.
· If a VLAN is specified, the configured remote ID sub-option only takes effect within the VLAN; if no VLAN is specified, the configured remote ID sub-option takes effect in all VLANs. The former case has a higher priority. The remote ID sub-option configured for a VLAN will be padded for the packets within the VLAN.
|
|
NOTE: If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string “Sysname” command. |
Related commands: dhcp-snooping information format and display dhcp-snooping information.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information remote-id string device001
dhcp-snooping information strategy
Syntax
dhcp-snooping information strategy { append | drop | keep | replace }
undo dhcp-snooping information strategy
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
append: Forwards the message containing Option 82 after adding content to the sub-option 9 of option 82. The append strategy is supported only when the private padding format and sub-option 9 are configured. In other cases, the device forwards the message without changing Option 82.
drop: Drops the requesting message containing Option 82.
keep: Forwards the requesting message containing Option 82 without changing Option 82.
replace: Forwards the requesting message containing Option 82 after replacing the original Option 82 with the one padded in specified format.
Description
Use the dhcp-snooping information strategy command to configure the handling strategy for Option 82 in requesting messages.
Use the undo dhcp-snooping information strategy command to restore the default.
By default, the handling strategy for Option 82 in requesting messages is replace.
Related commands: display dhcp-snooping information, dhcp-snooping information format, and dhcp-snooping information sub-option.
Examples
# Configure the handling strategy for Option 82 in requesting messages as keep.
<Sysname> system-view
[Sysname] interface gigabitethernet3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet3/0/1] dhcp-snooping information strategy keep
dhcp-snooping information sub-option
Syntax
dhcp-snooping information [ vlan vlan-id ] sub-option sub-option-code [ string user-string&<1-8> ]
undo dhcp-snooping information [ vlan vlan-id ] sub-option sub-option-code
View
Layer 2 Ethernet port view, Layer 2 aggregate interface view, WLAN-BSS interface, WLAN-ESS interface.
Default level
2: System level
Parameters
vlan vlan-id: Specifies the ID of a VLAN, in the range of 1 to 4094.
sub-option sub-option-code: Specifies the number of the sub-option. Currently, only sub-option 9 is supported.
string user-string&<1-8>: Configures the content of the sub-option, a case-sensitive string of 1 to 63 characters. &<1-8> represents that you can enter a maximum of 8 strings separated by spaces.
Description
Use the dhcp-snooping information sub-option command to configure a sub-option.
Use the undo dhcp-snooping information sub-option command to restore the default.
By default, no sub-option is configured.
Note that:
· This configuration applies to the private padding format only. To configure the private padding format, use the dhcp-snooping information format private 1 command.
· If no content is configured for sub-option 9 with the string user-string option, the primary device uses sysname and the primary address of the Loopback0 interface to pad sub-option 9 and the secondary device uses sysname to pad sub-option 9. The device configured with the dhcp-snooping information strategy append command is the primary device and a device configured with some other strategy is a secondary device.
· After you use the string user-string option to configure sub-option 9, the device uses the ASCII code type to pad the characters into sub-option 9 in the order that they are configured. When the total length of all sub-options reaches 255, the device stops padding automatically.
· The sub-option 9 content configured only applies to the VLAN that is specified by the vlan vlan-id option. If no VLAN ID is specified, the sub-option 9 content applies to all VLANs. A VLAN prefers its own sub-option 9 content over the one configured for all VLANs.
Related commands: dhcp-snooping information format, dhcp-snooping information strategy, and display dhcp-snooping information.
Examples
# Configure the user-defined sub-option 9 as group001.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet 1/0/1] dhcp-snooping information sub-option 9 string group001
dhcp-snooping trust
Syntax
dhcp-snooping trust [ no-user-binding ]
undo dhcp-snooping trust
View
Layer 2 Ethernet interface view, Layer 2 aggregation interface view
Default level
2: System level
Parameters
no-user-binding: Specifies the port not to record the clients’ IP-to-MAC bindings in DHCP requests it receives. The command without this keyword records the IP-to-MAC bindings of clients.
Description
Use the dhcp-snooping trust command to configure a port as a trusted port.
Use the undo dhcp-snooping trust command to restore the default state of a port.
All ports are untrusted by default.
After enabling DHCP snooping, you need to specify the ports connected to the valid DHCP servers as trusted to make sure that DHCP clients can obtain valid IP addresses.
Related commands: display dhcp-snooping trust.
Examples
# Specify GigabitEthernet 3/0/1 as a trusted port and enable it to record the IP-to-MAC bindings of clients.
<Sysname> system-view
[Sysname] interface gigabitethernet 3/0/1
[Sysname-GigabitEthernet3/0/1] dhcp-snooping trust
display dhcp-snooping
Syntax
display dhcp-snooping [ ip ip-address ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
ip ip-address: Displays DHCP snooping entry information corresponding to the specified IP address.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp-snooping command to display DHCP snooping entries.
|
|
NOTE: Using the display dhcp-snooping command displays the DHCP snooping entries containing IP-to-MAC bindings that are present both in the DHCP-ACK and DHCP-REQUEST messages. |
Related commands: dhcp-snooping and reset dhcp-snooping.
Examples
# Display all DHCP snooping entries.
<Sysname> display dhcp-snooping
DHCP Snooping is enabled.
The client binding table for all untrusted ports.
Type : D--Dynamic , S--Static , R--Recovering
Type IP Address MAC Address Lease VLAN SVLAN Interface
==== =============== ============== ============ ==== ===== =================
D 10.1.1.1 00e0-fc00-0006 286 1 2 GigabitEthernet3/0/1
--- 1 dhcp-snooping item(s) found ---
Table 14 Output description
|
Field |
Description |
|
Type |
Binding type, which can be: · D—Dynamic · S—Static. Static DHCP snooping entries are not supported. · R—Specifies that the DHCP snooping entry is being restored through the DHCP snooping entry file, and the interface in the entry is invalid. |
|
IP Address |
IP address assigned to the DHCP client |
|
MAC Address |
MAC address of the DHCP client |
|
Lease |
Lease period left (in seconds) |
|
VLAN |
Outer VLAN tag when DHCP snooping and QinQ are both enabled or the DHCP snooping device receives a packet with two VLAN tags; or VLAN where the port connecting the DHCP client resides |
|
SVLAN |
Inner VLAN tag when DHCP snooping and QinQ are both enabled or the DHCP snooping device receives a packet with two VLAN tags; or 0. |
|
Interface |
Port to which the DHCP client is connected |
display dhcp-snooping binding database
Syntax
display dhcp-snooping binding database [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp-snooping binding database command to display the DHCP snooping binding file information.
Examples
# Display the DHCP snooping binding file information.
<Sysname> display dhcp-snooping binding database
File name : cfa0:/database.dhcp
Update interval : 10 minutes
Latest read time : Jul 15 2008 16:38:22
Latest write time : Jul 15 2008 16:38:24
Status : Last write succeeded.
Table 15 Output description
|
Field |
Description |
|
File name |
File name |
|
Update interval |
Interval at which the DHCP snooping binding file is refreshed |
|
Latest read time |
The last time when the file is read |
|
Latest write time |
The last time when the file is written |
|
Status |
Indicates whether the file was written successfully last time |
display dhcp-snooping information
Syntax
display dhcp-snooping information { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
all: Displays the Option 82 configuration information of all Layer 2 Ethernet interfaces.
interface interface-type interface-number: Displays the Option 82 configuration information of a specified interface.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp-snooping information command to display Option 82 configuration information on the DHCP snooping device.
Examples
# Display the Option 82 configuration information of all interfaces.
<Sysname> display dhcp-snooping information all
Interface: GigabitEthernet 3/0/1
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: aabbcc
Sub-option 9: Enabled
User defined:
Circuit ID: company001
Sub-option 9 content: group1
Interface: GigabitEthernet 3/0/2
Status: Disable
Strategy: Keep
Format: Normal
Circuit ID format-type: HEX
Remote ID format-type: ASCII
User defined:
Circuit ID: company001
Remote ID: device001
VLAN 10:
Circuit ID: vlan10@company001
Sub-option 9: Enable
Sub-option 9 content: group1
VLAN 20:
Remote ID: device001
Sub-option 9: Enabled
display dhcp-snooping packet statistics
Syntax
Standalone mode:
display dhcp-snooping packet statistics [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]
IRF mode:
display dhcp-snooping packet statistics [ chassis chassis-number slot slot-number ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
slot slot-number: Specifies a card by its slot number. Use this option when your switch is operating in standalone (the default) mode.
chassis chassis-number slot slot-number: Specifies a card on an IRF member switch. The chassis-number argument represents the ID of the IRF member switch, and the slot-number argument represents the number of the slot that holds the card. You can display the member ID and slot number with the display device command. Use this option when your switch is operating in IRF mode.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp-snooping packet statistics command to display DHCP packet statistics on the DHCP snooping switch.
Note the following:
· Executing the display dhcp-snooping packet statistics command on the switch without a slot specified displays DHCP packet statistics on the card where the command is executed.
· In IRF mode, executing the display dhcp-snooping packet statistics command without chassis chassis-number slot slot-number specified displays DHCP packet statistics on the member switch card where the command is executed.
Related commands: reset dhcp-snooping packet statistics.
Examples
# Display DHCP packet statistics on the DHCP snooping switch.
<Sysname> display dhcp-snooping packet statistics
DHCP packets received : 100
DHCP packets sent : 200
Packets dropped due to rate limitation : 20
Dropped invalid packets : 0
display dhcp-snooping trust
Syntax
display dhcp-snooping trust [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display dhcp-snooping trust command to display information about trusted ports.
Related commands: dhcp-snooping trust.
Examples
# Display information about trusted ports.
<Sysname> display dhcp-snooping trust
DHCP Snooping is enabled.
DHCP Snooping trust becomes active.
Interface Trusted
========================= ============
GigabitEthernet3/0/1 Trusted
The output shows that DHCP snooping is enabled, DHCP snooping trust is active, and port GigabitEthernet 3/0/1 is trusted.
reset dhcp-snooping
Syntax
reset dhcp-snooping { all | ip ip-address }
View
User view
Default level
1: Monitor level
Parameters
all: Clears all DHCP snooping binding information.
ip ip-address: Clears the DHCP snooping binding information of the specified IP address.
Description
Use the reset dhcp-snooping command to clear DHCP snooping binding information.
DHCP snooping binding information on all slots will be cleared after you execute this command.
Related commands: display dhcp-snooping.
Examples
# Clear all DHCP binding information.
<Sysname> reset dhcp-snooping all
reset dhcp-snooping packet statistics
Syntax
Standalone mode:
reset dhcp-snooping packet statistics [ slot slot-number ]
IRF mode:
reset dhcp-snooping packet statistics [ chassis chassis-number slot slot-number ]
View
User view
Default level
2: System level
Parameters
slot slot-number: slot slot-number: Specifies a card by its slot number. Use this option when your switch is operating in standalone (the default) mode.
chassis chassis-number slot slot-number: Specifies a card on an IRF member switch. The chassis-number argument represents the ID of the IRF member switch, and the slot-number argument represents the number of the slot that holds the card. You can display the member ID and slot number with the display device command. Use this option when your switch is operating in IRF mode.
Description
Use the reset dhcp-snooping packet statistics command to clear DHCP packet statistics on the DHCP snooping switch.
Note the following:
· Executing the reset dhcp-snooping packet statistics command on the switch without a slot specified clears DHCP packet statistics on the card where the command is executed.
· In the IRF mode, executing the reset dhcp-snooping packet statistics command on the switch without chassis chassis-number slot slot-number specified clears DHCP packet statistics on the member switch card where the command is executed.
Related commands: display dhcp-snooping packet statistics.
Examples
# Clear DHCP packet statistics on the DHCP snooping switch.
<Sysname> reset dhcp-snooping packet statistics
