dhcp-filter-modify

DHCP snooping is a security feature which allows the network to avoid denial-of-service attacks from rogue DHCP servers. Trusted ports are defined to connect to the known DHCP servers. DHCP snooping also maintains a mapping table for current assignments.

In a DHCP packet flow, there are the following packet types:

  • DHCPDISCOVER/DHCPREQUEST — Packets from the DHCP client to server (UDP dest-port = 67)
  • DHCPOFFER/DHCPACK — Packets from the DHCP Server to client (UDP dest-port = 68)

This command is used to modify a DHCP filter.

Syntax   dhcp—filter-modify name name-string trusted-ports port-list

name name-string

Specify a name for the filter.

trusted-ports port-list

Specify a list of trusted ports.

Defaults   None

Access   Network Administrator

History   

Version 2.6.0

Command introduced.

Usage   Use this command to create a DHCP filter for trusted ports.

Examples  To modify a DHCP filter, trust-server-1 and change the ports to 33-35, use the following syntax:

CLI (network-admin@switch) > dhcp-filter-modify name trust-server-1 ports 33-35

north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south