show ip-security dhcp-snooping

show ip-security dhcp-snooping [ {vlan} vlan_name | vlan vlan_list]

Description

Displays the DHCP (Dynamic Host Configuration Protocol) snooping configurations on the switch.

Syntax Description

vlan_name Specifies the name of the DHCP-snooping VLAN (Virtual LAN).
vlan_name Specifies the name of the DHCP-snooping VLAN list.

Default

N/A.

Usage Guidelines

The switch displays the following DHCP snooping information:
  • DHCP snooping enabled on ports—The ports that have DHCP snooping enabled.
  • Trusted ports—The ports configured as trusted ports.
  • Trusted DHCP servers—The servers configured as trusted DHCP servers.
  • Port—The specific port that has DHCP snooping enabled.
  • Violation-action—The action the switch takes upon detecting a rogue DHCP packet on the port.

Example

The following sample output displays the DHCP snooping settings for the switch:

# show ip-security dhcp-snooping vlan "Default"
DHCP Snooping enabled on ports: 7, 9, 11
Trusted Ports: None
Trusted DHCP Servers: None
Bindings Restoration     : Enabled
Bindings Filename        : dhcpsonia.xsf
Bindings File Location   :
Primary Server  : 10.1.1.14, VR-Default, TFTP
Secondary Server: None
Bindings Write Interval  : 5 minutes
Bindings last uploaded at:
------------------------------------
Port            Violation-action
------------------------------------
7               none
9               none
11              none

History

This command was first available in ExtremeXOS 11.6.

The vlan_list variable was added in ExtremeXOS 16.1.

Platform Availability

This command is available on the Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X440-G2, X620, X690, X870 series switches.