Switching Configuration

The hardware rate limits DHCP packets sent to the CPU from interfaces to 64 Kbps.

The DHCP snooping application processes incoming DHCP messages. For DHCPRELEASE and DHCPDECLINE messages, the application compares the receive interface and VLAN with the client interface and VLAN in the bindings database. If the interfaces do not match, the application logs the event and drops the message. For valid client messages, DHCP snooping compares the source MAC address to the DHCP client hardware address. When there is a mismatch, DHCP snooping logs and drops the packet. The network administrator can disable this feature using the no ip dhcp snooping verify mac-address command. DHCP snooping forwards valid client messages on trusted members within the VLAN. If DHCP relay co-exists with DHCP snooping, DHCP client messages are sent to DHCP relay for further processing.

The DHCP snooping application uses DHCP messages to build and maintain the bindings database. The bindings database only includes data for clients on untrusted ports. DHCP snooping creates a tentative binding from DHCP DISCOVER and REQUEST messages. Tentative bindings tie a client to a port (the port where the DHCP client message was received). Tentative bindings are completed when DHCP snooping learns the client's IP address from a DHCP ACK message on a trusted port. DHCP snooping removes bindings in response to DECLINE, RELEASE, and NACK messages. The DHCP snooping application ignores ACK messages sent in reply to DHCP Inform messages received on trusted ports. The administrator can also enter static bindings into the bindings database.

The DHCP bindings database resides on a configured external server or locally in flash, depending on the user configuration. When a switch learns of new bindings or loses bindings, it immediately updates the entries in the database. The switch also updates the entries in the bindings file. The frequency at which the file is updated is based on a configurable delay, and the updates are batched.

If the absolute lease time of a snooping database entry expires, the entry is removed. If the system time is not consistent across reboots, snooping entries will not expire properly. If a host sends a DHCP release while the switch is rebooting, then when the switch receives the DHCP discovery or request, the client's binding will go to the tentative state.
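
The validation and binding rules described above, modeled in Python as an added example; it is not the switch vendor's code. The class, port names, MAC addresses and IP addresses are constructed for illustration, and dropping server messages that arrive on untrusted ports is an assumption based on standard DHCP snooping behaviour that this passage does not state.

```python
# Added example: simplified model of the snooping rules above, not vendor code.
from dataclasses import dataclass, field
CLIENT_MSGS = {"DISCOVER", "REQUEST", "INFORM", "DECLINE", "RELEASE"}

@dataclass
class Snooper:
    trusted: set                                   # names of trusted ports
    verify_mac: bool = True                        # models "ip dhcp snooping verify mac-address"
    bindings: dict = field(default_factory=dict)   # client hardware address -> binding
    informs: set = field(default_factory=set)      # clients with an INFORM outstanding
    log: list = field(default_factory=list)        # reasons for logged drops

    def _drop(self, why):
        self.log.append(why)
        return "drop"

    def handle(self, port, vlan, msg, src_mac, chaddr, ip=None):
        b = self.bindings.get(chaddr)
        if msg in CLIENT_MSGS:
            if msg in ("RELEASE", "DECLINE") and b and (b["port"], b["vlan"]) != (port, vlan):
                return self._drop(f"{msg} for {chaddr} on {port}/{vlan}, bound to {b['port']}/{b['vlan']}")
            if self.verify_mac and src_mac != chaddr:
                return self._drop(f"{msg}: source MAC {src_mac} != chaddr {chaddr}")
            if msg in ("RELEASE", "DECLINE"):
                self.bindings.pop(chaddr, None)
            elif msg == "INFORM":
                self.informs.add(chaddr)
            elif port not in self.trusted:         # only untrusted-port clients are tracked
                self.bindings.setdefault(chaddr, {"port": port, "vlan": vlan, "ip": None, "state": "tentative"})
            return "forward"
        if port not in self.trusted:
            # Assumption: standard snooping behaviour, not stated in the passage.
            return self._drop(f"server message {msg} on untrusted port {port}")
        if msg == "ACK" and chaddr in self.informs:
            self.informs.discard(chaddr)           # ACK answering an INFORM: no binding change
        elif msg == "ACK" and b:
            b.update(ip=ip, state="complete")      # tentative binding learns its IP address
        elif msg == "NACK":
            self.bindings.pop(chaddr, None)
        return "forward"

def demo():
    # Constructed traffic: client on untrusted gi1/0/5, server behind trusted gi1/0/1.
    s, mac = Snooper(trusted={"gi1/0/1"}), "aa:bb:cc:00:00:01"
    out = [s.handle("gi1/0/5", 10, "DISCOVER", mac, mac),
           s.handle("gi1/0/1", 10, "ACK", "de:ad:be:ef:00:01", mac, ip="192.0.2.50"),
           s.handle("gi1/0/9", 10, "RELEASE", mac, mac),                  # wrong port
           s.handle("gi1/0/5", 10, "REQUEST", "aa:bb:cc:00:00:99", mac),  # MAC mismatch
           s.handle("gi1/0/5", 10, "RELEASE", mac, mac)]                  # legitimate release
    return out, s
```

The two dropped messages in demo() are the cases a defender cares about: a RELEASE sent from a port other than the one the binding was learned on, and a client frame whose Ethernet source address differs from the DHCP client hardware address.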