Access Security Guide K/KA/KB.15.15

Figure 273 Showing the DHCP snooping verify MAC setting
DHCP binding database
DHCP snooping maintains a database of up to 8192 DHCP bindings on untrusted ports. Each
binding consists of:
Client MAC address
Port number
VLAN identifier
Leased IP address
Lease time
The switch can be configured to store the bindings at a specific URL so they will not be lost if the
switch is rebooted. If the switch is rebooted, it will read its binding database from the specified
location. To configure this location, use this command:
Syntax
[no] dhcp-snooping database [file <tftp://<ip-address>/<ascii-string>>]
[delay <15-86400>] [timeout <0-86400>]
file
Must be in Uniform Resource Locator (URL) format:
"tftp://ip-address/ascii-string". The maximum filename length is 63 characters.
delay
Number of seconds to wait before writing to the database. Default = 300
seconds.
timeout
Number of seconds to wait for the database file transfer to finish before returning
an error. A value of zero (0) means retry indefinitely. Default = 300 seconds.
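The following added example (not part of the original guide) checks a dhcp-snooping database line from a saved configuration against the limits listed above before it is applied. The function name, the warning for timeout 0, and the sample lines using the documentation address 192.0.2.10 are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Limits copied from the syntax description above.
MAX_FILENAME = 63
RANGES = {"delay": (15, 86400), "timeout": (0, 86400)}

def check_database_command(line):
    """Return the problems found in one 'dhcp-snooping database' config line."""
    tokens = line.split()
    if tokens[:1] == ["no"]:
        tokens = tokens[1:]
    if tokens[:2] != ["dhcp-snooping", "database"]:
        return ["not a dhcp-snooping database command"]
    args = tokens[2:]
    if len(args) % 2:
        return ["keyword without a value"]
    problems = []
    for key, value in zip(args[0::2], args[1::2]):
        if key == "file":
            url = urlsplit(value)
            # Assumption: the 63-character limit covers everything after the host.
            name = url.path.lstrip("/")
            if url.scheme != "tftp":
                problems.append("file: URL scheme must be tftp")
            try:
                ipaddress.ip_address(url.hostname or "")
            except ValueError:
                problems.append("file: host must be an IP address")
            if not 1 <= len(name) <= MAX_FILENAME:
                problems.append("file: filename must be 1-63 characters")
        elif key in RANGES:
            low, high = RANGES[key]
            if not (value.isascii() and value.isdigit() and low <= int(value) <= high):
                problems.append(f"{key}: must be in {low}-{high}")
            elif key == "timeout" and int(value) == 0:
                # Valid, but a failed transfer is retried without ever erroring out.
                problems.append("warning: timeout 0 retries indefinitely")
        else:
            problems.append(f"unknown keyword {key}")
    return problems

# Constructed sample lines, not taken from a real switch.
SAMPLE = [
    "dhcp-snooping database file tftp://192.0.2.10/snoop.db delay 300 timeout 300",
    "dhcp-snooping database file ftp://192.0.2.10/snoop.db delay 10 timeout 0",
]
if __name__ == "__main__":
    for sample_line in SAMPLE:
        print(sample_line, "->", check_database_command(sample_line) or "ok")
```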
A message is logged in the system event log if the DHCP binding database fails to update. To
display the contents of the DHCP snooping binding database, enter this command:
Syntax
show dhcp-snooping binding
Figure 274 Showing DHCP snooping binding database contents
Using Port Security 373