Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4248FB-ON /S4248FBL-ON

281

282

283

284

285

286

287

288

289

290

In OS10, the MLD snooping and the Unknown Multicast Flood Control feature are enabled by default. Hence, all the unknown

multicast packets are dropped. In this case, the DHCPv6 solicit message is considered an unknown multicast packet and is

dropped.

For the DHCPv6 solicit messages to reach the DHCP server:

1. On the intermediate switch (L2 switch), you must do one of the following:

● Disable multicast snooping flood-restrict globally.

L2switch(config)# no multicast snooping flood-restrict

● Configure the specific VLAN interface as a multicast router interface using the ipv6 mld snooping mrouter

command.

L2switch(config)# interface vlan 10

L2switch(conf-if-vl-10)# ipv6 mld snooping mrouter interface ethernet 1/1/51

L2switch(conf-if-vl-10)# ipv6 mld version 2

L2switch(conf-if-vl-10)# ipv6 mld snooping query-interval 60

L2switch(conf-if-vl-10)# ipv6 mld snooping query-interval 130

L2switch(conf-if-vl-10)# ipv6 mld snooping query-max-resp-time 10

L2switch(conf-if-vl-10)# ipv6 mld snooping last-member-query-interval 1000

L2switch(conf-if-vl-10)# exit

● Disable MLD snooping on the specific VLAN interface.

L2switch(config)# interface vlan 10

L2switch(conf-if-vl-10)# no shutdown

L2switch(conf-if-vl-10)# no ipv6 mld snooping enable

● Disable MLD snooping globally.

L2switch(config)# no ipv6 mld snooping enable

2. On the relay agent, enable MLD querier on the specific VLAN interface.

L2switch(config)# interface vlan 10

L2switch(conf-if-vl-10)# ipv6 mld version 2

L2switch(conf-if-vl-10)# ipv6 mld snooping query-interval 60

L2switch(conf-if-vl-10)# ipv6 mld snooping query-interval 130

L2switch(conf-if-vl-10)# ipv6 mld snooping query-max-resp-time 10

L2switch(conf-if-vl-10)# ipv6 mld snooping last-member-query-interval 1000

L2switch(conf-if-vl-10)# exit

RA(config)# interface vlan 10

RA(conf-if-vl-10)# ipv6 address 3::1/64

RA(conf-if-vl-10)# ipv6 mld snooping querier

RA(conf-if-vl-10)# ipv6 helper-address 3::3

RA(conf-if-vl-10)# ipv6 mld version 2

RA(conf-if-vl-10)# ipv6 mld snooping query-interval 60

RA(conf-if-vl-10)# ipv6 mld snooping query-interval 130

RA(conf-if-vl-10)# ipv6 mld snooping query-max-resp-time 10

RA(conf-if-vl-10)# ipv6 mld snooping last-member-query-interval 1000

Option 82 for security

DHCP, as defined by RFC 2131, provides no authentication or security mechanisms. To ensure security, the DHCP relay agent

supports Option-82 with the Circuit ID sub-option, which is the printable name of the interface where the client request was

received.

282

System management