configure trusted-servers add server

configure trusted-servers [dynamic vlan_id |{vlan} vlan_name] add server ip_address trust-for dhcp-server

Description

Configures and enables a trusted DHCP server on the switch.

Syntax Description

vlan_name Specifies the VLAN name.
dynamic Configuration options for dynamically created VLANs.
vlan_id VLAN ID tag between 1 and 4,094.
ip_address Specifies the IP address of the trusted DHCP server.

Default

N/A.

Usage Guidelines

If you configured trusted DHCP server, the switch forwards only DHCP packets from the trusted servers. The switch drops DHCP packets from other DHCP snooping-enabled ports.

You can configure a maximum of eight trusted DHCP servers on the switch.

If you configure a port as a trusted port, the switch assumes that all DHCP server packets on that port are valid.

Displaying DHCP Trusted Server Information

To display the DHCP snooping configuration settings, including DHCP trusted servers if configured, use the following command:

show ip-security dhcp-snooping {vlan} vlan_name

To display any violations that occur, including those on the DHCP trusted servers if configured, use the following command:

show ip-security dhcp-snooping violations {vlan} vlan_name

Example

The following command configures a trusted DHCP server on the switch:

configure trusted-servers vlan purple add server 10.10.10.10 trust-for dhcp-server

History

This command was first available in ExtremeXOS 11.6.

Dynamic VLAN and VLAN ID options added in ExtremeXOS 30.2.

Platform Availability

This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.