3com 4210 PWR 9-Port 3CR17341-91-ME User Manual
Product codes
3CR17341-91-ME
25
DHCP S
NOOPING
C
ONFIGURATION
Introduction to DHCP
Snooping
Snooping
For the sake of security, the IP addresses used by online DHCP clients need to be
tracked for the administrator to verify the corresponding relationship between the
IP addresses the DHCP clients obtained from DHCP servers and the MAC addresses
of the DHCP clients.
tracked for the administrator to verify the corresponding relationship between the
IP addresses the DHCP clients obtained from DHCP servers and the MAC addresses
of the DHCP clients.
■
Switches can track DHCP clients' IP addresses through the security function of
the DHCP relay agent operating at the network layer.
the DHCP relay agent operating at the network layer.
■
Switches can track DHCP clients' IP addresses through the DHCP snooping
function at the data link layer.
function at the data link layer.
Figure 87 illustrates a typical network diagram for DHCP snooping application,
where Switch A is a Switch 4210.
where Switch A is a Switch 4210.
Figure 87 Typical network diagram for DHCP snooping application
DHCP snooping listens the DHCP-REQUEST packets to retrieve the IP addresses the
DHCP clients obtain from DHCP servers and the MAC addresses of the DHCP
clients:
DHCP clients obtain from DHCP servers and the MAC addresses of the DHCP
clients:
DHCP Client
Switch A
(
DHCP Snooping
)
DHCP Client
DHCP Client
DHCP Client
Switch B
(
DHCP Relay
)
Internet
Eth
1
/
0
/
2
Eth
1
/
0
/
1
DHCP Server