Allied Telesis Rapier i Series - Manual
Allied Telesis Rapier i Series – Manual, read for free online in PDF format. We hope this helps you resolve any issues you may have. If you have further questions, please contact us through the contact form.
Table of Contents:
- Page 2 – This document contains the following contents:
- Page 3 – Related How To Notes; How To Notes are available from the library at; DHCP snooping; DHCP snooping performs two main tasks:; Minimum configuration
- Page 4 – The database; DHCP snooping database time-out; show dhcpsnooping database
- Page 6 – Trusted and non-trusted ports; not; Enabling DHCP snooping; enable dhcpsnooping; Static binding
- Page 7 – Completely removing the DHCP snooping database; So the database is empty:
- Page 8 – DHCP Option 82; have
- Page 9 – Protocol details; The sub-options within the DHCP option are constructed as follows:; Example Packet
- Page 10 – Analysis; The Agent circuit ID string; Configuring Option 82; Agent Circuit ID; and; Agent Remote ID; are sub-options that are also sent as part of the
- Page 11 – DHCP filtering; Configuring filtering; maxlease; number of entries on that port, or the switch has run
- Page 12 – ARP security; DHCP snooping filter show command; show dhcpsnooping filter; Resource considerations; average; To enable DHCP snooping ARP security:
- Page 13 – disable igmpsnooping; Example on a Rapier 24i; If leases are 2 on ports
- Page 14 – Configuration examples; This section contains the following examples:; onfigure a private VLAN for customers:
- Page 15 – Add the tagged uplink ports to the VLAN:
- Page 16 – Create a set of QoS classifiers:
- Page 17 – Configure two VLANs for layer 3 access to the DHCP server:
- Page 18 – enable; Configure the switch’s IP; For layer 3 support, enable the BOOTP Relay:
- Page 20 – Troubleshooting; Use the command; enable dhcpsnooping debug=all; to get the most verbose level of; No trusted ports configured; The switch does not forward this on to any other port.
- Page 21 – Maximum number of leases is exceeded
- Page 22 – Switch is dropping ARPs; Known clients on untrusted ports
- Page 23 – will
- Page 24 – Displaying log entries; The; show log; command is also very useful:
- Page 25 – Appendix
- Page 26 – The following configuration (thanks to
C613-16086-00 REV B
www.alliedtelesis.com
AlliedWare
TM
OS
How To |
Introduction
It has increasingly become a legal requirement for service providers to identify which of their
customers were using a specific IP address at a specific time. This means that service
providers must be able to:
z
Know which customer was allocated an IP address at any time.
z
Guarantee that customers cannot avoid detection by spoofing an IP address that was not
actually allocated to them.
These security features provide a traceable history in the event of an official query. Three
components are used to provide this traceable history:
z
DHCP snooping
z
DHCP Option 82
z
DHCP filtering
With DHCP snooping an administrator can control port-to-IP connectivity by:
z
permitting port access to specified IP addresses only
z
permitting port access to DHCP issued IP addresses only
z
dictating the number of IP clients on any given port
z
passing location information about an IP client to the DHCP server
z
permitting only known IP clients to ARP
This document explains each feature and provides the minimum configuration to enable
them. There are also two configuration examples that make advanced use of the features.
Use DHCP Snooping, Option 82, and Filtering on
AT-8800, AT-8600, AT-8700XL, Rapier, and Rapier i
Series Switches
"Loading the manual" means you need to wait until the file loads and becomes available for online reading. Some manuals are very large, and the time they take to appear depends on your internet speed.
Summary
Page 2 | AlliedWare™ OS How To Note: DHCP Snooping on Rapier-style switches Introduction This document contains the following contents: Introduction .............................................................................................................................................. 1 Which ...
Page 3 | AlliedWare™ OS How To Note: DHCP Snooping on Rapier-style switches DHCP snooping Related How To Notes The following How To Note describes DHCP snooping on AT-9900, x900-48 and AT-8948 series switches: z How To Use DHCP Snooping, Option 82, and Filtering on AT-9900 and x900-48 Series Switche...
Page 4 | AlliedWare™ OS How To Note: DHCP Snooping on Rapier-style switches DHCP snooping The database The switch watches the DHCP packets that it is passing back-and-forth. It also maintains a database that lists the DHCP leases it knows are being held by devices downstream of its ports. Each lease...
