xStack
®
DGS-3120 Series Layer 3 Managed Gigabit Ethernet Switch CLI Reference Guide
337
Chapter 27
DHCP Server Screening
Command List
config filter dhcp_server
[add permit server_ip <ipaddr> {client_mac <macaddr>} ports
[<portlist> | all] | delete permit server_ip <ipaddr> {client_mac <macaddr>} ports [<portlist> |
all] | ports [<portlist> | all] state [enable | disable] | illegal_server_log_suppress_duration [1min
| 5min | 30min]]
show filter dhcp_server
config filter dhcp_server log
[enable | disable]
config filter dhcp_server trap
[enable | disable]
create filter dhcpv6_server permit sip
<ipv6addr> ports [<portlist> | all]
config filter dhcpv6_server log
[enable | disable]
config filter dhcpv6_server ports
[<portlist> | all] state [enable | disable]
config filter dhcpv6_server trap
[enable | disable]
show filter dhcpv6_server
delete filter dhcpv6_server permit sip
<ipv6addr>
create filter icmpv6_ra_all_node permit sip
<ipv6addr> ports [<portlist> | all]
config filter icmpv6_ra_all_node log
[enable | disable]
config filter icmpv6_ra_all_node ports
[<portlist> | all] state [enable | disable]
config filter icmpv6_ra_all_node trap
[enable | disable]
show filter icmpv6_ra_all_node
delete filter icmpv6_ra_all_node permit sip
<ipv6addr>
27-1
config filter dhcp_server
Description
This command is used to configure DHCP server screening.
With DHCP server screening function, illegal DHCP server packet will be filtered. This command is
used to configure the state of the function for filtering of DHCP server packet and to add/delete the
DHCP server/client binding entry.
This command is useful for projects that support per port control of the DHCP server screening
function. The filter can be based on the DHCP server IP address, or based on a binding of the
DHCP server IP and client MAC address.
The command has two purposes: To specify to filter all DHCP server packets on the specific port
and to specify to allow some DHCP server packets with pre-defined server IP addresses and client
MAC addresses. With this function, we can restrict the DHCP server to service specific DHCP
clients. This is useful when two DHCP servers are present on the network, one of them provides
the private IP address, and one of them provides the IP address.
Enabling filtering of the DHCP server port state will create one access profile and create one
access rule per port (UDP port = 67). Filter commands in this file will share the same access profile.
Addition of a permit DHCP entry will create one access profile and create one access rule. Filtering
commands in this file will share the same access profile.
Format
config filter dhcp_server [add permit server_ip <ipaddr> {client_mac <macaddr>} ports
[<portlist> | all] | delete permit server_ip <ipaddr> {client_mac <macaddr>} ports [<portlist>
Summary of Contents for xStack DGS-3120 Series
Page 1: ......
Page 186: ...xStack DGS 3120 Series Layer 3 Managed Gigabit Ethernet Switch CLI Reference Guide 181...
Page 204: ...xStack DGS 3120 Series Layer 3 Managed Gigabit Ethernet Switch CLI Reference Guide 199...
Page 363: ...xStack DGS 3120 Series Layer 3 Managed Gigabit Ethernet Switch CLI Reference Guide 358...
Page 1056: ...xStack DGS 3120 Series Layer 3 Managed Gigabit Ethernet Switch CLI Reference Guide 1051...