No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


NE20E-S2 V800R010C10SPC500 Configuration Guide - Security 01

This is NE20E-S2 V800R010C10SPC500 Configuration Guide - Security
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Overview of DHCP Snooping

Overview of DHCP Snooping

This section describes the basic concepts of Dynamic Host Configuration Protocol (DHCP) snooping.

Dynamic Host Configuration Protocol (DHCP) snooping is a DHCP security feature that functions in a similar way to a firewall between DHCP clients and servers. A DHCP-snooping-capable device intercepts DHCP packets and uses information carried in the packets to create a DHCP snooping binding table. This table records hosts' media access control (MAC) addresses, IP addresses, IP address lease time, virtual local area network (VLAN) IDs, and interface information. The device uses this table to check the validity of received DHCP packets. If a DHCP reply packet is received from an untrusted interface, the device discards the packet. In addition, DHCP snooping can associate with IP source guard or dynamic ARP inspection (DAI) to filter out IP and Address Resolution Protocol (ARP) packets from unauthorized clients.

Updated: 2019-01-02

Document ID: EDOC1100055397

Views: 22136

Downloads: 39

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next