No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Security

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document provides the basic concepts, configuration procedures, and configuration examples in different application scenarios of the network management feature supported by the device.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the LDRA to Detect Client Locations

Configuring the LDRA to Detect Client Locations

Context

To allow a DHCPv6 server to detect client locations on a DHCPv6 network, configure the lightweight DHCPv6 relay agent (LDRA) on the client-side access device.

After the LDRA is configured on a DHCPv6 network with a large number of trusted clients, disable the device from generating DHCP snooping binding entries. Without this function enabled, new users cannot go online if the number of DHCP snooping binding entries reaches the upper limit. In addition, the LDRA-enabled device inserts the interface-ID or remote-ID option into the Relay-Forward message to record client location information. Configure the formats of interface-ID and remote-ID depending on the actual location of users on the network.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run vlan vlan-id

    The VLAN view is displayed.

  3. Run dhcpv6 snooping relay-information enable [ trust ]

    The LDRA is enabled for DHCPv6 snooping.

    By default, the LDRA is disabled for DHCPv6 snooping.

  4. Run quit

    Return to the system view.

  5. (Optional) Run dhcpv6 interface-id format { default | user-defined text }

    The format of the interface-id option in the DHCPv6 packets is configured.

    By default, the interface-id option is in the default format.

  6. (Optional) Run dhcpv6 remote-id format { default | user-defined text }

    The format of the remote-id option in the DHCPv6 packets is configured.

    By default, the remote-id option is in the default format.

  7. (Optional) Disable the interface from generating DHCP snooping binding entries after the DHCP snooping function has been enabled.

    When this configuration is performed in the VLAN view, the configuration takes effect for all DHCP users belonging to this VLAN on all interfaces. When this configuration is performed in the interface view, the configuration takes effect for all DHCP users connecting to this interface.

    By default, an interface generates DHCP snooping binding entries after DHCP snooping is enabled.

    Configuration Dimension

    Step

    VLAN-based configuration

    For a batch of VLANs in the system view

    • Run the dhcp snooping enable no-user-binding vlan { vlan-id1 [ to vlan-id2 ] }&<1-10> command to disable the interfaces from generating DHCP snooping binding entries after DHCP snooping is enabled.

    For a single VLAN in the VLAN view

    1. Run the vlan vlan-id command to enter the VLAN view.
    2. Run the dhcp snooping enable no-user-binding command to disable the interfaces from generating DHCP snooping binding entries after DHCP snooping is enabled.
    3. Run the quit command to return to the system view.
    Interface-based configuration
    1. Run the interface interface-type interface-number command to enter the interface view.
    2. Run the dhcp snooping enable no-user-binding command to disable the interfaces from generating DHCP snooping binding entries after DHCP snooping is enabled.
    3. Run the quit command to return to the system view.

Translation
Download
Updated: 2019-08-07

Document ID: EDOC1100034077

Views: 127340

Downloads: 231

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next