1-6To improve security and avoid malicious attack to the unused SOCKETs, S4500 Ethernet switchesprovide the following functions:z UDP 67 and UDP 68 ports used by DHCP are enabled only when DHCP is enabled.z UDP 67 and UDP 68 ports are disabled when DHCP is disabled.The corresponding implementation is as follows.z When a VLAN interface is mapped to a DHCP server group with the dhcp-server command, theDHCP relay agent is enabled. At the same time, UDP 67 and UDP 68 ports used by DHCP areenabled.z When the mapping between a VLAN interface and a DHCP server group is removed with the undodhcp-server command, DHCP services are disabled. At the same time, UDP 67 and UDP 68 portsused by DHCP are disabled.Examples# Enter system view. system-viewSystem View: return to User View with Ctrl+Z.# Enter VLAN-interface 1 view.[Sysname] interface vlan-interface 1# Specify that VLAN-interface 1 corresponds to DHCP server group 1.[Sysname-Vlan-interface1] dhcp-server 1dhcp-server detectSyntaxdhcp-server detectundo dhcp-server detectViewSystem viewParametersNoneDescriptionUse the dhcp-server detect command to enable the switch serving as a DHCP relay agent to detectunauthorized DHCP servers.Use the undo dhcp-server detect command to disable the unauthorized DHCP server detectionfunction.By default, the unauthorized DHCP server detection function is disabled