Application environment of trusted ports
Configuring a trusted port connected to a DHCP server
Figure 33 Configuring trusted and untrusted ports
As shown in
should be configured as a trusted port. The trusted port forwards response messages from the authorized
DHCP server to the client, but the untrusted port does not forward response messages from the
unauthorized DHCP server. This makes sure that the DHCP client obtains an IP address from the
authorized DHCP server.
Configuring trusted ports in a cascaded network
In a cascaded network as shown in
DHCP snooping devices should be configured as trusted ports.
To save system resources, disable the trusted ports that are not directly connected to DHCP clients, from
recording client IP-to-MAC bindings (DHCP snooping entries) upon receiving DHCP requests.
Figure
33, the DHCP snooping device port that is connected to an authorized DHCP server
Figure
34, each DHCP snooping device's ports connected to other
73