209
After DHCPv6 snooping is enabled, to ensure that DHCPv6 clients can obtain IPv6 addresses from an
authorized DHCPv6 server, you need to configure the port that connects to the authorized DHCPv6 server
as a trusted port.
Examples
# Configure Ethernet interface GigabitEthernet 1/0/1 as a trusted port.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] ipv6 dhcp snooping trust
ipv6 dhcp snooping vlan enable
Syntax
ipv6 dhcp snooping vlan enable
undo ipv6 dhcp snooping vlan enable
View
VLAN view
Default level
2: System level
Parameters
None
Description
Use the
ipv6 dhcp snooping vlan enable
command to enable DHCPv6 snooping for a specific VLAN.
Use the
undo ipv6 dhcp snooping vlan enable
command to disable DHCPv6 snooping for a specific
VLAN.
By default, DHCPv6 snooping is disabled for a VLAN.
After DHCPv6 snooping is enabled globally and then enabled for a VLAN, the DHCPv6 snooping device
records DHCPv6 snooping entries according to the DHCPv6 packets received in the VLAN. Meanwhile,
upon receiving a DHCPv6 request from a client in the VLAN, the device forwards the packet through
trusted ports rather than any untrusted port in the VLAN, thus reducing network traffic.
Examples
# Enable DHCPv6 snooping for VLAN 1.
<Sysname> system-view
[Sysname] vlan 1
[Sysname-vlan1] ipv6 dhcp snooping vlan enable
reset ipv6 dhcp snooping user-binding
Syntax
reset ipv6 dhcp snooping user-binding
{
ipv6-address
|
dynamic
}
View
User view