Configuring Trusted and Un-trusted Ports
Usually the port connected to server is configured as trusted port and the ports connected to client is configured as untrusted port
In this example, xe1 is connected to the DHCP client and xe2 is connected to the DHCP server.
• Configure xe1 connected to DHCP client as un-trusted port.
• Configure xe2 connected to the DHCP server as trusted port.
#configure terminal | Enter configure mode. |
(config)#interface xe1 | Specify the interface to be configured |
(config-if)#no ip dhcp snooping trust | Disable the port as trusted. |
(config-if)#exit | Exit interface mode |
(config)#interface xe2 | Specify the interface to be configured |
(config-if)#ip dhcp snooping trust | Enable the port as trusted. |
(config-if)#exit | Exit interface mode |
Validation
Verify that static DHCP snooping entries are configured for the bridge:
#sh ip dhcp snooping binding bridge 1
Total number of static IPV4 entries : 1
Total number of dynamic IPV4 entries : 0
Total number of static IPV6 entries : 1
Total number of dynamic IPV6 entries : 0
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- ---------------
0011.1111.2222 1.1.1.1 0 static 2 xe1
0022.2222.3333 3ffe::1 0 static 2 xe1
Last modified date: 07-14-2023