2-8To improve security and avoid malicious attack to the unused sockets, S5600 Ethernet switchesprovide the following functions:z UDP 67 and UDP 68 ports used by DHCP are enabled only when DHCP is enabled.z UDP 67 and UDP 68 ports are disabled when DHCP is disabled.The corresponding implementation is as follows:z After a DHCP address pool is created by executing the dhcp server ip-pool command, the UDP 67and UDP 68 ports used by DHCP are enabled.z After a DHCP address pool is deleted by executing the undo dhcp server ip-pool command and allother DHCP functions are disabled, UDP 67 and UDP 68 ports used by DHCP are disabledaccordingly.Configuring the dynamic IP address allocation modeIP addresses dynamically assigned to DHCP clients (including those that are permanently leased andthose that are temporarily leased) belong to addresses segments that are previously specified.Currently, an address pool can contain only one address segment, whose ranges are determined by thesubnet mask.To avoid address conflicts, the DHCP server automatically excludes IP addresses (used by the gateway,FTP server and so forth) specified with the dhcp server forbidden-ip command from dynamicallocation.The lease time can differ with address pools. But that of the IP addresses of the same address pool arethe same. Lease time is not inherited, that is to say, the lease time of a child address pool is not affectedby the configuration of the parent address pool.Follow these steps to configure the dynamic IP address allocation mode:To do… Use the command… RemarksEnter system view system-view —Enter DHCP address pool view dhcp server ip-pool pool-name —Set the IP address segment whoseIP address are to be assigneddynamicallynetwork network-address [ maskmask ]RequiredBy default, no IP address segmentis set. That is, no IP address isavailable for being assignedConfigure the lease time expired { day day [ hour hour[ minute minute ] ] | unlimited }OptionalThe default lease time is one dayReturn to system view quit —Specify the IP addresses that arenot dynamically assigneddhcp server forbidden-iplow-ip-address [ high-ip-address ]OptionalBy default, except the IPaddresses of DHCP serverinterfaces, all IP addresses in aDHCP address pool areassignable.
