[Enhancement] ECS4120 series support DHCPSNP "vlan-flooding"

Steven_zhangCreated at:Dec 11, 2019 14:32:32Updated at:Dec 11, 2019 14:32:36

The basic DHCPSNP topology and configuration on the switch as below.

mceclip1.png

Original Behavior: (Not support “vlan-flooding” command or “vlan-flooding” enabled.)

When the switch enabled DHCPSNP function globally, the client will request the IP address by sending out the DHCP packets (Discover/Request) to untrust port.

This DHCP packet belongs to the vlan which includes in DHCPSNP enable vlan list, the switch will forward it to trust port only which is also the vlan member.

If this DHCP packet belongs to the vlan which doesn’t include in DHCPSNP enable vlan list, the switch will forward/flood it to ALL other ports which are also the vlan member.

mceclip2.png

Disabled DHCPSNP vlan-flooding Behavior: (vlan-flooding is enabled on switch by default.)

The mechanism is the same when the DHCP packet belongs to the vlan which includes in DHCPSNP enable vlan list.

However, if this DHCP packet belongs to the vlan which doesn’t include in DHCPSNP enable vlan list, the switch will NOT forward/flood it to any other port which is also the vlan member.

The user could easily configure how the DHCP packets forward on switch ports.

mceclip3.png

[Result]
When the DHCP packets - Discover/Request from the clients is received.
mceclip4.png

Configuration via CLI/WEB/SNMP.

CLI command

Default is vlan-flooding enabled.

Console#con

Console(config)#interface ethernet 1/1

Console(config-if)#ip dhcp snooping vlan-flooding             ---> Enabled

or

Console(config-if)#no ip dhcp snooping vlan-flooding          ---> Disabled

mceclip5.png

WEB

Security > DHCP Snooping > Step: 3. Configure Interface > Enabled/Disabled Vlan Flooding

mceclip6.png

SNMP

[SNMPSET command format]

snmpset -v 2c -c private {switch ip} {dhcpSnoopPortVlanFlooding}.{dhcpSnoopPortIfIndex} {integer} {value}

For dhcpSnoopPortVlanFlooding, OID 1.3.6.1.4.1.259.10.1.45.1.46.3.1.1.7

 Set OID 1.3.6.1.4.1.259.10.1.45.1.46.3.1.1.7 to enabled(1) vlan flooding.

 Set OID 1.3.6.1.4.1.259.10.1.45.1.46.3.1.1.7 to disabled(2) vlan flooding.

For dhcpSnoopPortIfIndex: The port interface of dhcpSnoopPortIfIndex

 The ifIndex value of the port or trunk.

Enabled vlan flooding.

mceclip7.png

Disabled vlan flooding.

mceclip8.png

Support models and software version:

ECS4120 series v1.2.2.23 and above.


    Hot articles