3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

581

582

583

584

585

586

587

588

589

590

582 CHAPTER 55: DHCP RELAY CONFIGURATION

can pass DHCP security check; otherwise you cannot access the network even if

you have obtained a valid IP address. If you invalidate the dynamic IP-to-MAC

mapping entries generated by the DHCP relay agent, this means that you specify

the clients as freely-connected hosts.

This configuration will take effect only after the address checking function of the

DHCP relay on the VLAN interface is enabled.

Configuring whether to allow freely-connected clients to pass DHCP

security check

A freely-connected client refers to the client whose IP address and MAC address

are not in the DHCP security table. When the freely-connected client is not

allowed to pass DHCP security check, you cannot access the network on this client

even if the freely-connected client has a valid IP address.

This configuration will take effect only after the address checking function of the

DHCP relay on the VLAN interface is enabled.

Configuring DHCP relay handshake

When the DHCP client obtains an IP address from the DHCP server through the

DHCP relay, the DHCP relay records the binding relationship of the IP address and

the MAC address. After the DHCP relay handshake function is enabled, the DHCP

relay sends the handshake packet (the DHCP-REQUEST packet) which carries

includes the IP address recorded in the binding and its own bridge MAC address to

the DHCP server periodically.

■ If the DHCP server returns the DHCP-ACK packet, it indicates that the IP

address can be assigned. The DHCP relay ages the corresponding entry in the

user address table.

Tabl e 454 Configure dynamic entries generated by DHCP relays

Operation Command Description

Enter system view system-view -

Enter VLAN interface view

interface interface-type

interface-number

Validate the dynamic entries

generated by the DHCP relay

address-check dhcp-relay

enable

Optional

By default, the dynamic

IP-to-MAC mapping entries

generated by the DHCP relay

are valid

Tabl e 455 Configure whether to allow freely-connected clients to pass DHCP security

check

Operation Command Description

Enter system view system-view -

Enter VLAN interface view

interface interface-type

interface-number

Forbid freely-connected

clients to pass DHCP security

check

address-check no-matched

enable

Optional

Freely-connected clients are

not allowed to pass DHCP

security check