Login
- Table of Contents
-
- 04-Layer 3 Command Reference
- 00-Preface
- 01-ARP Commands
- 02-IP Addressing Commands
- 03-DHCP Commands
- 04-DHCPv6 Commands
- 05-DNS Commands
- 06-IPv6 DNS Commands
- 07-NAT Commands
- 08-Adjacency Table Commands
- 09-Flow Classification Commands
- 10-IPv6 Basics Commands
- 11-IP Performance Optimization Commands
- 12-Basic IP Routing Commands
- 13-Static Routing Commands
- 14-IPv6 Static Routing Commands
- 15-GRE Commands
- 16-RIP Commands
- 17-RIPng Commands
- 18-Policy-Based Routing Commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 03-DHCP Commands | 308.79 KB |
DHCP server configuration commands
dhcp select server global-pool
dhcp server client-detect enable
dhcp server relay information enable
dhcp update arp (for DHCP server)
display dhcp server forbidden-ip
display dhcp server statistics
DHCP relay agent configuration commands
dhcp enable (for DHCP relay agent)
dhcp relay address-check enable
dhcp relay client-detect enable
dhcp relay information circuit-id format-type
dhcp relay information circuit-id string
dhcp relay information remote-id format-type
dhcp relay information remote-id string
dhcp relay information strategy
dhcp relay security refresh enable
dhcp update arp (for DHCP relay agent)
display dhcp relay information
display dhcp relay security statistics
display dhcp relay security tracker
display dhcp relay server-group
DHCP client configuration commands
DHCP snooping configuration commands
dhcp-snooping binding database filename
dhcp-snooping binding database update interval
dhcp-snooping binding database update now
dhcp-snooping binding record user-identity
dhcp-snooping check mac-address
dhcp-snooping check request-message
dhcp-snooping information circuit-id format-type
dhcp-snooping information circuit-id string
dhcp-snooping information enable
dhcp-snooping information format
dhcp-snooping information remote-id format-type
dhcp-snooping information remote-id string
dhcp-snooping information strategy
dhcp-snooping information sub-option
dhcp-snooping verify reply-message
display dhcp-snooping binding database
display dhcp-snooping information
display dhcp-snooping packet statistics
reset dhcp-snooping packet statistics
BOOTP client configuration commands
DHCP configuration commands
DHCP server configuration commands
DHCP snooping cannot be configured on DHCP servers.
bims-server
Use bims-server to specify the IP address, port number, and shared key of the BIMS server in a DHCP address pool.
Use undo bims-server to remove the specified BIMS server information.
Syntax
bims-server ip ip-address [ port port-number ] sharekey [ cipher | simple ] key
undo bims-server
Default
No BIMS server information is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip ip-address: Specifies the IP address of the BIMS server.
port port-number: Specifies the port number of the BIMS server, in the range of 1 to 65534.
cipher: Sets a ciphertext key.
simple: Sets a plaintext key.
key: Specifies the key string. This argument is case sensitive. If simple is specified, it must be a string of 1 to 16 characters. If cipher is specified, it must be a ciphertext string of 1 to 53 characters. If neither cipher nor simple is specified, you set a plaintext key string.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
All passwords, configured in either plaintext or ciphertext, are saved in ciphertext.
Examples
# Specify the IP address 1.1.1.1, port number 80, and shared key aabbcc of the BIMS server in DHCP address pool 0 for the client.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] bims-server ip 1.1.1.1 port 80 sharekey simple aabbcc
· dhcp server ip-pool
· display dhcp server tree
bootfile-name
Use bootfile-name to specify a bootfile name in a DHCP address pool.
Use undo bootfile-name to remove the specified bootfile name.
Syntax
bootfile-name bootfile-name
undo bootfile-name
Default
No bootfile name is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
bootfile-name: Specifies the boot file name, a string of 1 to 63 characters.
Usage guidelines
If you execute the bootfile-name command multiple times, the most recent configuration takes effect.
Examples
# Specify the bootfile name aaa.cfg in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] bootfile-name aaa.cfg
· dhcp server ip-pool
· display dhcp server tree
dhcp enable (for DHCP server)
Use dhcp enable to enable DHCP.
Use undo dhcp enable to disable DHCP.
Syntax
dhcp enable
undo dhcp enable
Default
DHCP is disabled.
Views
System view
Default command level
2: System level
Usage guidelines
Enable DHCP before performing DHCP server or relay agent configurations.
Examples
# Enable DHCP.
<Sysname> system-view
[Sysname] dhcp enable
dhcp server apply ip-pool
Use dhcp server apply ip-pool to apply an address pool on an interface.
Use undo dhcp server apply ip-pool to remove the configuration.
Syntax
dhcp server apply ip-pool pool-name
undo dhcp server apply ip-pool [ pool-name ]
Default
No extended address pool is applied on an interface, and the server assigns an IP address from a common address pool to a client when the client's request arrives at the interface.
Views
Interface view
Default command level
2: System level
Parameters
pool-name: Specifies the name of a DHCP address pool, a case-insensitive string of 1 to 35 characters.
Usage guidelines
If you execute the dhcp server apply ip-pool command on an interface, when a client's request arrives at the interface, the server attempts to assign the client the statically bound IP address first, and then an IP address from this extended address pool.
Only an extended address pool can be applied on an interface. The address pool to be referenced must already exist.
Examples
# Apply extended DHCP address pool 0 on VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp server apply ip-pool 0
Related commands
dhcp server ip-pool
dhcp select server global-pool
Use dhcp select server global-pool to enable the DHCP server on an interface. After the interface receives a DHCP request from a client, the DHCP server allocates an IP address from the address pool.
Use undo dhcp select server global-pool to remove the configuration. Upon receiving a DHCP request from a client, the interface neither assigns an IP address to the client, nor serves as a DHCP relay agent to forward the request.
Syntax
dhcp select server global-pool [ subaddress ]
undo dhcp select server global-pool [ subaddress ]
Default
The DHCP server is enabled on an interface when DHCP is enabled.
Views
Interface view
Default command level
2: System level
Parameters
subaddress: Supports secondary address allocation. When the DHCP server and client are on the same network segment, the server preferably assigns an IP address from an address pool that resides on the same subnet as the primary IP address of the server interface (connecting to the client).
· If the address pool contains no assignable IP address, the server assigns an IP address from an address pool that resides on the same subnet as the secondary IP addresses of the server interface.
· If the interface has multiple secondary IP addresses, each address pool is tried in turn for address allocation.
Usage guidelines
Use the undo dhcp select server global-pool subaddress command to disable the support for secondary address allocation.
If the subaddress keyword is not specified, the DHCP server can only assign an IP address from the address pool that resides on the same subnet as the primary IP address of the server interface.
Examples
# Enable the DHCP server on VLAN-interface 1 to assign IP addresses from the address pool that resides on the same subnet as the primary IP address of the server interface (connecting to the client) for the client.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp select server global-pool
dhcp server client-detect enable
Use dhcp server client-detect enable to enable client offline detection on the DHCP server.
Use undo dhcp server client-detect enable to disable the function.
Syntax
dhcp server client-detect enable
undo dhcp server client-detect enable
Default
The function is disabled.
Views
Interface view
Default command level
2: System level
Usage guidelines
With this feature enabled, the DHCP server considers that a DHCP client goes offline when the ARP entry for the client ages out. In addition, it removes the client entry and releases the IP address of the client.
Examples
# Enable client offline detection on the DHCP server.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp server client-detect enable
dhcp server detect
Use dhcp server detect to enable unauthorized DHCP server detection.
Use undo dhcp server detect to disable the function.
Syntax
dhcp server detect
undo dhcp server detect
Default
The function is disabled.
Views
System view
Default command level
2: System level
Usage guidelines
With this function enabled, upon receiving a DHCP request, the DHCP server records the IP addresses of DHCP servers that offered IP addresses to the DHCP client and the receiving interface. Each detected server is recorded only once. The administrator can use this information to check for unauthorized DHCP servers.
Examples
# Enable unauthorized DHCP server detection.
<Sysname> system-view
[Sysname] dhcp server detect
dhcp server forbidden-ip
Use dhcp server forbidden-ip to exclude specific IP addresses from dynamic allocation.
Use undo dhcp server forbidden-ip to remove the configuration.
Syntax
dhcp server forbidden-ip low-ip-address [ high-ip-address ]
undo dhcp server forbidden-ip low-ip-address [ high-ip-address ]
Default
All IP addresses in a DHCP address pool are assignable except IP addresses of the DHCP server interfaces.
Views
System view
Default command level
2: System level
Parameters
low-ip-address: Specifies the start IP address.
high-ip-address: Specifies the end IP address, which must have a higher sequence than the start IP address.
Usage guidelines
When you use the dhcp server forbidden-ip command to exclude an IP address that is bound to a user from dynamic assignment, the address can be still assigned to the user.
When you use the undo dhcp server forbidden-ip command to remove the configuration, the specified address/address range must be consistent with the one specified with the dhcp server forbidden-ip command. If you have configured to exclude an address range from dynamic assignment, you need to specify the same address range in the undo dhcp server forbidden-ip command instead of specifying one IP address.
You can exclude multiple IP address ranges from allocation.
Examples
# Exclude the IP addresses 10.110.1.1 through 10.110.1.63 from dynamic allocation.
<Sysname> system-view
[Sysname] dhcp server forbidden-ip 10.110.1.1 10.110.1.63
· display dhcp server forbidden-ip
· dhcp server ip-pool
· network
· static-bind ip-address
dhcp server ip-pool
Use dhcp server ip-pool to create a DHCP address pool and enter its view. If the pool has been created, you directly enter its view.
Use undo dhcp server ip-pool to remove the specified DHCP address pool.
Syntax
dhcp server ip-pool pool-name [ extended ]
undo dhcp server ip-pool pool-name
Default
No DHCP address pool is created.
Views
System view
Default command level
2: System level
Parameters
pool-name: Specifies the name for the global address pool, a string of 1 to 35 characters used to uniquely identify this pool.
extended: Specifies the address pool as an extended address pool. If this keyword is not specified, the address pool is a common address pool.
Examples
# Create the common address pool identified by 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0]
· dhcp enable
· display dhcp server tree
dhcp server log enable
Use dhcp server log enable to enable log output on the DHCP server.
Use undo dhcp server log enable to disable log output on the DHCP server.
Syntax
dhcp server log enable
undo dhcp server log enable
Default
The DHCP server outputs logs.
Views
System view
Default command level
2: System level
Examples
# Disable log output on the DHCP server.
<Sysname> system-view
[Sysname] undo dhcp server log enable
dhcp server ping packets
Use dhcp server ping packets to specify the maximum number of ping packets.
Use undo dhcp server ping packets to restore the default.
Syntax
dhcp server ping packets number
undo dhcp server ping packets
Default
The maximum number of ping packets is 1.
Views
System view
Default command level
2: System level
Parameters
number: Specifies the maximum number of ping packets, in the range of 0 to 10. The value of 0 means that the DHCP server does not perform address conflict detection.
Usage guidelines
To avoid IP address conflicts, the DHCP server pings an IP address before assigning it to a DHCP client.
If a ping attempt succeeds, the server considers that the IP address is in use and picks a new IP address. If all the ping attempts fail, the server assigns the IP address to the requesting DHCP client.
Examples
Examples
# Specify the maximum number of ping packets as 10.
<Sysname> system-view
[Sysname] dhcp server ping packets 10
dhcp server ping timeout
Use dhcp server ping timeout to configure the ping response timeout time on the DHCP server.
Use undo dhcp server ping timeout to restore the default.
Syntax
dhcp server ping timeout milliseconds
undo dhcp server ping timeout
Default
The ping response timeout time is 500 ms.
Views
System view
Default command level
2: System level
Parameters
milliseconds: Specifies the timeout time in the range of 0 to 10000 milliseconds. The value of 0 means that no ping operation is performed for address conflict detection.
Usage guidelines
To avoid IP address conflicts, the DHCP server checks whether an IP address is in use before assigning it to a DHCP client.
The DHCP server pings the IP address. If the server gets a response within the specified interval, it believes that the IP address is in use, and selects and pings another IP address. If not, the server pings the IP address again until the maximum number of ping packets are sent. If still no response is received, the server assigns the IP address to the requesting client.
Examples
# Specify the response timeout time as 1000 ms.
<Sysname> system-view
[Sysname] dhcp server ping timeout 1000
dhcp server relay information enable
Use dhcp server relay information enable to enable the DHCP server to handle Option 82.
Use undo dhcp server relay information enable to configure the DHCP server to ignore Option 82.
Syntax
dhcp server relay information enable
undo dhcp server relay information enable
Default
The DHCP server handles Option 82.
Views
System view
Default command level
2: System level
Examples
# Configure the DHCP server to ignore Option 82.
<Sysname> system-view
[Sysname] undo dhcp server relay information enable
dhcp server threshold
Use dhcp server threshold to enable the DHCP server to send trap messages to the network management server when the specified threshold is reached.
Use undo dhcp server threshold to restore the default.
Syntax
dhcp server threshold { allocated-ip threshold-value | average-ip-use threshold-value | max-ip-use threshold-value }
undo dhcp server threshold { allocated-ip | average-ip-use | max-ip-use }
Default
The DHCP server does not send trap messages to the network management server.
Views
System view
Default command level
2: System level
Parameters
allocated-ip threshold-value: Enables the DHCP server to send trap messages to the network management server when the ratio of successfully allocated IP addresses to received DHCP requests within 5 minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.
average-ip-use threshold-value: Enables the DHCP server to send trap messages to the network management server when the average IP address utilization of an address pool within 5 minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.
max-ip-use threshold-value: Enables the DHCP server to send trap messages to the network management server when the maximum IP address utilization of an address pool within 5 minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.
Examples
# Enable the DHCP server to send trap messages to the network management server when the ratio of successfully allocated IP addresses to received DHCP requests within five minutes exceeds 50%.
<Sysname> system-view
[Sysname] dhcp server threshold allocated-ip 50
# Enable the DHCP server to send trap messages to the network management server when the average IP address utilization of an address pool within five minutes exceeds 80%.
<Sysname> system-view
[Sysname] dhcp server threshold average-ip-use 80
# Enable the DHCP server to send trap messages to the network management server when the maximum IP address utilization of an address pool within five minutes exceeds 80%.
<Sysname> system-view
[Sysname] dhcp server threshold max-ip-use 80
dhcp update arp (for DHCP server)
Use dhcp update arp to configure the DHCP server to support authorized ARP.
Use undo dhcp update arp to restore the default.
Syntax
dhcp update arp
undo dhcp update arp
Default
The DHCP server does not support authorized ARP.
Views
Interface view
Default command level
2: System level
Examples
# Configure VLAN-interface 1 of the current DHCP server to support authorized ARP.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp update arp
display dhcp server conflict
Use display dhcp server conflict to display information about IP address conflicts.
Syntax
display dhcp server conflict { all | ip ip-address } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays information about all IP address conflicts.
ip-address: Displays conflict information about the specified IP address. If no IP address is specified, this command displays information about all IP address conflicts.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display information about all IP address conflicts.
<Sysname> display dhcp server conflict all
Address Discover time
4.4.4.1 Apr 25 2007 16:57:20
4.4.4.2 Apr 25 2007 17:00:10
--- total 2 entry ---
Table 1 Command output
|
Field |
Description |
|
Address |
Conflicted IP address. |
|
Discover Time |
Time when the conflict was discovered. |
reset dhcp server conflict
display dhcp server expired
Use display dhcp server expired to display lease expiration information.
Syntax
display dhcp server expired { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays lease expiration information about all DHCP address pools.
ip ip-address: Displays lease expiration information about the specified IP address.
pool [ pool-name ]: Displays lease expiration information about the specified address pool. The pool name is a string of 1 to 35 characters. If you do not specify any pool name, this command displays lease expiration information about all address pools.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
DHCP assigns these expired IP addresses to DHCP clients when all available addresses have been assigned.
Examples
# Display all lease expiration information.
<Sysname> display dhcp server expired all
IP address Client-identifier/ Lease expiration Type
Hardware address
4.4.4.6 3030-3066-2e65-3230- Apr 25 2007 17:10:47 Release
302e-3130-3234-2d45-
7468-6572-6e65-7430-
2f31
--- total 1 entry ---
Table 2 Command output
|
Field |
Description |
|
IP address |
Expired IP address. |
|
Client-identifier/Hardware address |
Client ID or MAC address. |
|
Lease expiration |
Time when the lease expired. |
|
Type |
Types of lease expirations. This field is set to Release. |
display dhcp server free-ip
Use display dhcp server free-ip to display information about assignable IP addresses.
Syntax
display dhcp server free-ip [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display information about assignable IP addresses.
<Sysname> display dhcp server free-ip
IP Range from 10.0.0.1 to 10.0.0.254
display dhcp server forbidden-ip
Use display dhcp server forbidden-ip to display IP addresses excluded from dynamic allocation in DHCP address pool.
Syntax
display dhcp server forbidden-ip [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display IP addresses excluded from dynamic allocation in the DHCP address pool.
<Sysname> display dhcp server forbidden-ip
Global:
IP Range from 1.1.0.2 to 1.1.0.3
IP Range from 1.1.1.2 to 1.1.1.3
Pool name: 2
1.1.1.5 1.1.1.6
Table 3 Command output
|
Field |
Description |
|
Global |
Globally excluded IP addresses specified with the dhcp server forbidden-ip command in system view. No address pool can assign these IP addresses. |
|
Pool name |
Excluded IP addresses specified with the forbidden-ip command in DHCP address pool view. They cannot be assigned from the current extended address pool. |
display dhcp server ip-in-use
Use display dhcp server ip-in-use to display binding information about DHCP address pools or an IP address.
Syntax
display dhcp server ip-in-use { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays binding information about all DHCP address pools.
ip ip-address: Displays binding information about the specified IP address.
pool [ pool-name ]: Displays binding information about the specified IP address pool. The pool name is a string of 1 to 35 characters. If you do not specify any pool name, this command displays binding information about all address pools.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
In the command output, the lease duration of a used static binding is displayed as Unlimited instead of the actual lease duration. To view the actual lease duration, use the display this command in DHCP address pool view.
Examples
# Display binding information about all DHCP address pools.
<Sysname> display dhcp server ip-in-use all
Pool utilization: 0.39%
IP address Client-identifier/ Lease expiration Type
Hardware address
10.1.1.1 4444-4444-4444 NOT Used Manual
10.1.1.2 3030-3030-2e30-3030- May 1 2009 14:02:49 Auto:COMMITTED
662e-3030-3033-2d45-
7468-6572-6e65-7430-
2f31
--- total 2 entry ---
Table 4 Command output
|
Field |
Description |
|
Pool utilization |
Utilization rate of IP addresses in a DHCP address pool, which is the ratio of assigned IP addresses to assignable IP addresses in the DHCP address pool. · When binding information about all DHCP address pools is displayed, this field displays the total utilization rate of IP addresses in all DHCP address pools. · When binding information about a specific DHCP address pool is displayed, this field displays the utilization rate of IP addresses in the DHCP address pool. · When binding information about a specific IP address is displayed, this field is not displayed. |
|
IP address |
Bound IP address. |
|
Client-identifier/Hardware address |
Client's ID or MAC of the binding. |
|
Lease expiration |
Lease expiration time: · Specific time (May 1 2009 14:02:49 in this example)—Time when the lease expires. · NOT Used—IP address of the static binding has not been assigned to the specific client. · Unlimited—Infinite lease expiration time. |
|
Type |
Binding types: · Manual—Static binding. · Auto:OFFERED—Binding sent in the DHCP-OFFER message from the server to the client. · Auto:COMMITTED—Binding sent in the DHCP-ACK message from the server to the client. |
reset dhcp server ip-in-use
display dhcp server statistics
Use display dhcp server statistics to display the statistics of the DHCP server.
Syntax
display dhcp server statistics [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display the statistics on the DHCP server.
<Sysname> display dhcp server statistics
Global Pool:
Pool Number: 1
Binding:
Auto: 1
Manual: 0
Expire: 0
BOOTP Request: 10
DHCPDISCOVER: 5
DHCPREQUEST: 3
DHCPDECLINE: 0
DHCPRELEASE: 2
DHCPINFORM: 0
BOOTPREQUEST: 0
BOOTP Reply: 6
DHCPOFFER: 3
DHCPACK: 3
DHCPNAK: 0
BOOTPREPLY: 0
Bad Messages: 0
Table 5 Command output
|
Field |
Description |
|
Global Pool |
Statistics of a DHCP address pool. |
|
Pool Number |
Number of address pools. |
|
Auto |
Number of dynamic bindings. |
|
Manual |
Number of static bindings. |
|
Expire |
Number of expired bindings. |
|
BOOTP Request |
DHCP packets received from clients: · DHCPDISCOVER. · DHCPREQUEST. · DHCPDECLINE. · DHCPRELEASE. · DHCPINFORM. · BOOTPREQUEST. |
|
BOOTP Reply |
DHCP packets sent to clients: · DHCPOFFER. · DHCPACK. · DHCPNAK. · BOOTPREPLY. |
|
Bad Messages |
Number of bad messages. |
reset dhcp server statistics
display dhcp server tree
Use display dhcp server tree to display information about DHCP address pools.
Syntax
display dhcp server tree { all | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays information about all DHCP address pools.
pool [ pool-name ]: Displays information about a specific address pool. The pool name argument is a string of 1 to 35 characters. If you do not specify any pool name, this command displays information about all address pools.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display information about all DHCP address pools.
<Sysname> display dhcp server tree all
Global pool:
Pool name: 0
network 20.1.1.0 mask 255.255.255.0
Sibling node:1
option 2 ip-address 1.1.1.1
expired 1 0 0 0
Pool name: 1
static-bind ip-address 10.10.1.2 mask 255.0.0.0
static-bind mac-address 00e0-00fc-0001
PrevSibling node:0
expired unlimited
Extended pool:
Pool name: 2
network ip range 1.1.1.0 1.1.1.255
network mask 255.255.255.0
expired 0 0 2 0
Table 6 Command output
|
Field |
Description |
|
Global pool |
Information about a common address pool. |
|
Pool name |
Address pool name. |
|
network |
Subnet for address allocation. |
|
static-bind ip-address 10.10.1.2 mask 255.0.0.0 static-bind mac-address 00e0-00fc-0001 |
IP address and MAC address of the static binding. |
|
Sibling node |
Sibling node of the current node. Nodes of this kind in the output information can be: · Child node—Child node (subnet segment) address pool of the current node. · Parent node—Parent node (nature network segment) address pool of the current node. · Sibling node—Latter sibling node of the current node (another subnet of the same nature network). The earlier the sibling node is configured, the higher order the sibling node has. · PrevSibling node—Previous sibling node of the current node. |
|
option |
Self-defined DHCP options. |
|
expired |
Lease duration, in the format of day, hour, minute, and second. |
|
Extended pool |
Information about an extended address pool. |
|
network ip range |
Range of assignable IP addresses in the extended address pool. |
|
network mask |
Mask of IP addresses assigned from the extended address pool. |
dns-list
Use dns-list to specify DNS server addresses in a DHCP address pool.
Use undo dns-list to remove DNS server addresses from a DHCP address pool.
Syntax
dns-list ip-address&<1-8>
undo dns-list { ip-address | all }
Default
No DNS server address is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip-address&<1-8>: Specifies DNS servers. &<1-8> means you can specify up to eight DNS server addresses separated by spaces.
all: Specifies all DNS server addresses to be removed.
Usage guidelines
If you execute the dns-list command multiple times, the most recent configuration takes effect.
Examples
# Specify the DNS server address 10.1.1.254 for the DHCP client in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] dns-list 10.1.1.254
· dhcp server ip-pool
· display dhcp server tree
domain-name
Use domain-name to specify a domain name in a DHCP address pool.
Use undo domain-name to remove the specified domain name.
Syntax
domain-name domain-name
undo domain-name
Default
No domain name suffix is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
domain-name: Specifies the domain name, a string of 1 to 50 characters.
Examples
# Specify the domain name mydomain.com in address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] domain-name mydomain.com
· dhcp server ip-pool
· display dhcp server tree
expired
Use expired to specify the lease duration in a DHCP address pool.
Use undo expired to restore the default lease duration for a DHCP address pool.
Syntax
expired { day day [ hour hour [ minute minute [ second second ] ] ] | unlimited }
undo expired
Default
The lease duration of a static address pool is unlimited, and the lease duration of a dynamic address pool is one day.
Views
DHCP address pool view
Default command level
2: System level
Parameters
day day: Specifies the number of days, in the range of 0 to 365.
hour hour: Specifies the number of hours, in the range of 0 to 23.
minute minute: Specifies the number of minutes, in the range of 0 to 59.
second second: Specifies the number of seconds, in the range of 0 to 59.
unlimited: Specifies the unlimited lease duration, which is actually 136 years.
Usage guidelines
The specified lease duration cannot be less than 5 seconds.
The specified lease duration takes effect for the static binding, but the lease duration displayed by the display dhcp server ip-in-use all command is still Unlimited.
Examples
# Specify the lease duration as 1 day, 2 hours, 3 minutes, and 4 seconds in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] expired day 1 hour 2 minute 3 second 4
Related commands
· dhcp server ip-pool
· display dhcp server tree
forbidden-ip
Use forbidden-ip to exclude IP addresses from dynamic allocation in an extended address pool.
Use undo forbidden-ip to cancel specified or all excluded IP addresses.
Syntax
forbidden-ip ip-address&<1-8>
undo forbidden-ip { ip-address&<1-8> | all }
Default
All IP addresses in an extended address pool are assignable except the IP addresses of the DHCP server interfaces.
Views
DHCP extended address pool view
Default command level
2: System level
Parameters
ip-address&<1-8>: Specifies excluded IP addresses. &<1-8> indicates that you can specify up to eight IP addresses, separated by spaces.
all: Excludes all IP addresses from dynamic allocation.
Usage guidelines
Only the extended address pools support this command.
IP addresses specified with the forbidden-ip command in DHCP address pool view are excluded from dynamic address allocation in the current extended address pool only. They are assignable in other address pools.
You can exclude multiple IP address ranges from dynamic allocation.
Examples
# Exclude IP addresses 192.168.1.3 and 192.168.1.10 from dynamic allocation for extended address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] forbidden-ip 192.168.1.3 192.168.1.10
Related commands
· dhcp server ip-pool
· display dhcp server forbidden-ip
gateway-list
Use gateway-list to specify gateway addresses in a DHCP address pool.
Use undo gateway-list to remove specified gateway addresses specified for the DHCP client from a DHCP address pool.
Syntax
gateway-list ip-address&<1-8>
undo gateway-list { ip-address | all }
Default
No gateway address is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip-address&<1-8>: Specifies the gateway IP address. &<1-8> means you can specify up to eight gateway addresses separated by spaces.
all: Specifies all gateway IP addresses to be removed.
Usage guidelines
If you use the gateway-list command multiple times, the most recent configuration takes effect.
Examples
# Specify the gateway address 10.110.1.99 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] gateway-list 10.110.1.99
· dhcp server ip-pool
· display dhcp server tree
nbns-list
Use nbns-list to specify WINS server addresses in a DHCP address pool.
Use undo nbns-list to remove the specified WINS server addresses.
Syntax
nbns-list ip-address&<1-8>
undo nbns-list { ip-address | all }
Default
No WINS server address is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip-address&<1-8>: Specifies WINS server IP addresses. &<1-8> means you can specify up to eight WINS server addresses separated by spaces.
all: Specifies all WINS server addresses to be removed.
Usage guidelines
If you use the nbns-list command multiple times, the most recent configuration takes effect.
Examples
# Specify WINS server address 10.12.1.99 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] nbns-list 10.12.1.99
· dhcp server ip-pool
· netbios-type
· display dhcp server tree
netbios-type
Use netbios-type to specify the NetBIOS node type in a DHCP address pool.
Use undo netbios-type to remove the specified NetBIOS node type.
Syntax
netbios-type { b-node | h-node | m-node | p-node }
undo netbios-type
Default
No NetBIOS node type is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
b-node: Specifies the broadcast node. A b-node client sends the destination name in a broadcast message to get the name-to-IP mapping from a server.
h-node: Specifies the hybrid node. An h-node client unicasts the destination name to a WINS server, and if receiving no response, then broadcasts it to get the mapping from a server.
m-node: Specifies the mixed node. An m-node client broadcasts the destination name, and if receiving no response, then unicasts the destination name to the WINS server to get the mapping.
p-node: Specifies the peer-to-peer node. A p-node client sends the destination name in a unicast message to get the mapping from the WINS server.
Examples
# Specify the NetBIOS node type as b-node in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] netbios-type b-node
· dhcp server ip-pool
· nbns-list
· display dhcp server tree
network
Use network to specify the subnet for dynamic allocation in a DHCP address pool.
Use undo network to remove the specified subnet.
Syntax
network network-address [ mask-length | mask mask ]
undo network
Default
No subnet is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
network-address: Specifies the subnet for dynamic allocation. If you do not specify any mask length or mask, the natural mask is used.
mask-length: Specifies the mask length in the range of 1 to 30.
mask mask: Specifies the IP address network mask in dotted decimal format.
Usage guidelines
You can specify only one subnet for each common address pool. If you use the network command multiple times, the most recent configuration takes effect.
Examples
# Specify 192.168.8.0/24 as the subnet for dynamic allocation in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] network 192.168.8.0 mask 255.255.255.0
· dhcp server ip-pool
· display dhcp server tree
network ip range
Use network ip range to specify the IP address range for dynamic allocation in an address pool.
Use undo network ip range to remove the specified address range.
Syntax
network ip range min-address max-address
undo network ip range
Default
No IP address range is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
min-address: Specifies the lowest IP address for dynamic allocation.
max-address: Specifies the highest IP address for dynamic allocation.
Usage guidelines
In a common address pool, you can use the network ip range command to further specify an IP address range on the subnet for address allocation. The specified IP address range must belong to the subnet. Otherwise, the common address pool cannot assign IP addresses.
You can specify only one IP address range for each address pool. If you use the network ip range command multiple times, the most recent configuration takes effect.
Examples
# Specify addresses 10.1.1.1 through 10.1.1.150 on subnet 10.1.1.0/24 for dynamic address allocation in common address pool 1.
<Sysname> system-view
[Sysname] dhcp server ip-pool 1
[Sysname-dhcp-pool-1] network 10.1.1.0 24
[Sysname-dhcp-pool-1] network ip range 10.1.1.1 10.1.1.150
# Specify addresses 192.168.8.1 through 192.168.8.150 for dynamic address allocation in extended address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] network ip range 192.168.8.1 192.168.8.150
Related commands
· dhcp server ip-pool
· network
· display dhcp server tree
network mask
Use network mask to specify the IP address mask for dynamic allocation in an extended address pool.
Use undo network mask to remove the specified IP address mask.
Syntax
network mask mask
undo network mask
Default
No IP address mask is specified.
Views
DHCP extended address pool view
Default command level
2: System level
Parameters
mask: Specifies the network mask in dotted decimal notation.
Usage guidelines
Only the extended address pools support this command.
If you specify an IP address range for an extended address pool without an IP address mask, the extended address pool is not valid, and therefore the system cannot assign IP addresses from the extended address pool.
Examples
# Specify 255.255.255.0 as the IP address mask for dynamic allocation in extended address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] network mask 255.255.255.0
Related commands
· dhcp server ip-pool
· display dhcp server tree
· network ip range
next-server
Use next-server to specify the IP address of a server in a DHCP address pool.
Use undo next-server to remove the server's IP address from the DHCP address pool.
Syntax
next-server ip-address
undo next-server
Default
No server's IP address is specified in an address pool.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip-address: Specifies the IP address of a server.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify a server's IP address 1.1.1.1 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] next-server 1.1.1.1
Related commands
· dhcp server ip-pool
· display dhcp server tree
option
Use option to configure a self-defined DHCP option in a DHCP address pool.
Use undo option to remove a self-defined DHCP option from a DHCP address pool.
Syntax
option code { ascii ascii-string | hex hex-string&<1-16> | ip-address ip-address&<1-8> }
undo option code
Default
The option command is not configured.
Views
DHCP address pool view
Default command level
2: System level
Parameters
code: Specifies the number of the self-defined option, in the range of 2 to 254, excluding 12, 50 through 55, 57 through 61, and 82.
ascii ascii-string: Specifies an ASCII string with 1 to 255 characters as the option content.
hex hex-string&<1-16>: Specifies hex digit strings. &<1-16> indicates that you can specify up to 16 hex digit strings, separated by spaces. Each string contains 2, 4, 6, or 8 hex digits.
ip-address ip-address&<1-8>: Specifies the IP addresses as the option content. &<1-8> indicates that you can specify up to eight IP addresses separated by spaces.
Usage guidelines
If you use the option command multiple times, the most recent configuration takes effect.
Examples
# Configure the hex digits 0x11 and 0x22 for the self-defined DHCP Option 100 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] option 100 hex 11 22
· dhcp server ip-pool
· display dhcp server tree
reset dhcp server conflict
Use reset dhcp server conflict to clear IP address conflict information.
Syntax
reset dhcp server conflict { all | ip ip-address }
Views
User view
Default command level
2: System level
Parameters
all: Clears the conflict statistics of all IP addresses.
ip ip-address: Clears the conflict statistics of a specific IP address.
Examples
# Clears the statistics of all IP address conflicts.
<Sysname> reset dhcp server conflict all
display dhcp server conflict
reset dhcp server ip-in-use
Use reset dhcp server ip-in-use to clear dynamic IP address binding information.
Syntax
reset dhcp server ip-in-use { all | ip ip-address | pool [ pool-name ] }
Views
User view
Default command level
2: System level
Parameters
all: Clears the IP address dynamic binding information about all DHCP address pools.
ip ip-address: Clears dynamic binding information about a specific IP address.
pool [ pool-name ]: Clears dynamic binding information about a specific address pool. The pool name is a string of 1 to 35 characters. If you do not specify any pool name, this command clears dynamic binding information about all address pools.
Examples
# Clear binding information about IP address 10.110.1.1.
<Sysname> reset dhcp server ip-in-use ip 10.110.1.1
display dhcp server ip-in-use
reset dhcp server statistics
Use reset dhcp server statistics to clear the statistics of the DHCP server.
Syntax
reset dhcp server statistics
Views
User view
Default command level
1: Monitor level
Examples
# Clear the statistics of the DHCP server.
<Sysname> reset dhcp server statistics
display dhcp server statistics
static-bind client-identifier
Use static-bind client-identifier to specify the client ID of a static binding in a DHCP address pool.
Use undo static-bind client-identifier to remove the client ID of a static binding from a DHCP address pool.
Syntax
static-bind client-identifier client-identifier
undo static-bind client-identifier
Default
No client ID is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
client-identifier: Specifies the client ID of a static binding, a string with 4 to 160 characters in the format of H-H-H…, each H indicates 4 hex digits except the last H indicates 2 or 4 hex digits. For example, aabb-cccc-dd is a valid ID, but aabb-c-dddd and aabb-cc-dddd are both invalid.
Usage guidelines
Use the static-bind client-identifier command together with the static-bind ip-address command to accomplish a static binding configuration.
The ID of the static binding of a client must be identical to the ID displayed by using the display dhcp client verbose command on the client. Otherwise, the client cannot obtain an IP address.
If you use the static-bind client-identifier or static-bind mac-address command multiple times, the most recent configuration takes effect.
Examples
# Bind the client ID aaaa-bbbb to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[Sysname-dhcp-pool-0] static-bind client-identifier aaaa-bbbb
· dhcp server ip-pool
· static-bind ip-address
· static-bind mac-address
· display dhcp server tree
· display dhcp client verbose
static-bind ip-address
Use static-bind ip-address to specify an IP address in a DHCP address pool for a static binding.
Use undo static-bind ip-address to remove the statically bound IP address.
Syntax
static-bind ip-address ip-address [ mask-length | mask mask ]
undo static-bind ip-address
Default
No IP address is statically bound in a DHCP address pool.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip-address: Specifies the IP address of a static binding. If you do not specify any mask or mask length, the natural mask is used.
mask-length: Specifies the mask length of the IP address, in the range of 1 to 30.
mask mask: Specifies the IP address mask, in dotted decimal format.
Usage guidelines
Use the static-bind ip-address command together with the static-bind mac-address or static-bind client-identifier command to accomplish a static binding configuration.
The IP address of the static binding cannot be an interface address of the DHCP server. Otherwise, an IP address conflict may occur, and the bound client cannot obtain an IP address correctly.
If you use the static-bind ip-address command multiple times, the most recent configuration takes effect.
Examples
# Bind the client MAC address 0000-e03f-0305 to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[Sysname-dhcp-pool-0] static-bind mac-address 0000-e03f-0305
· dhcp server ip-pool
· static-bind client-identifier
· static-bind mac-address
· display dhcp server tree
static-bind mac-address
Use static-bind mac-address to statically bind a MAC address to an IP address in a DHCP address pool.
Use undo static-bind mac-address to remove the statically bound MAC address.
Syntax
static-bind mac-address mac-address
undo static-bind mac-address
Default
No MAC address is statically bound.
Views
DHCP address pool view
Default command level
2: System level
Parameters
mac-address: Specifies the MAC address of a static binding, in the format of H-H-H.
Usage guidelines
Use the static-bind mac-address command together with the static-bind ip-address command to complete a static binding configuration.
If you use the static-bind mac-address or static-bind client-identifier command multiple times, the most recent configuration takes effect.
Examples
# Bind the client MAC address 0000-e03f-0305 to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[Sysname-dhcp-pool-0] static-bind mac-address 0000-e03f-0305
· dhcp server ip-pool
· static-bind client-identifier
· static-bind ip-address
· display dhcp server tree.
tftp-server domain-name
Use tftp-server domain-name to specify a TFTP server name in a DHCP address pool.
Use undo tftp-server domain-name to remove the TFTP server name from a DHCP address pool.
Syntax
tftp-server domain-name domain-name
undo tftp-server domain-name
Default
No TFTP server name is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
domain-name: Specifies the TFTP server name, a string of 1 to 63 characters.
Usage guidelines
If you execute the tftp-server domain-name command multiple times, the most recent configuration takes effect.
Examples
# Specify the TFTP server name as aaa in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] tftp-server domain-name aaa
· dhcp server ip-pool
· display dhcp server tree
tftp-server ip-address
Use tftp-server ip-address to specify the TFTP server IP address in a DHCP address pool.
Use undo tftp-server ip-address to remove the TFTP server IP address from a DHCP address pool.
Syntax
tftp-server ip-address ip-address
undo tftp-server ip-address
Default
No TFTP server address is specified.
Views
DHCP address pool view
Default command level
2: System level
Parameters
ip-address: Specifies the TFTP server IP address.
Usage guidelines
If you execute the tftp-server ip-address command multiple times, the most recent configuration takes effect.
Examples
# Specify the TFTP server address 10.1.1.1 in DHCP address pool 0.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] tftp-server ip-address 10.1.1.1
· dhcp server ip-pool
· display dhcp server tree
vendor-class-identifier
Use vendor-class-identifier to specify an IP address range for the DHCP clients of a specific vendor.
Use undo vendor-class-identifier to restore the default.
Syntax
vendor-class-identifier hex-string&<1-255> ip range min-address max-address
undo vendor-class-identifier hex-string&<1-255>
Default
No IP address range is specified for the DHCP clients of any vendor.
Views
DHCP extended address pool view
Default command level
2: System level
Parameters
hex-string&<1-255>: Specifies a character string, used to match against Option 60 (vendor class identifier option). The hex-string argument is a hexadecimal number ranging from 0 to FF. &<1-255> indicates that you can type up to 255 hexadecimal numbers, which are separated by spaces.
ip range min-address max-address: Specifies the IP address range for dynamic allocation. The min-address argument is the lowest IP address and the max-address argument is the highest IP address for dynamic allocation.
Usage guidelines
After this feature is configured in an extended DHCP address pool, the DHCP server, when using the extended DHCP address pool to assign an IP address to a DHCP client, checks whether Option 60 in the DHCP request is the same as the character string configured with the vendor-class-identifier command. If yes, the DHCP server selects an IP address from the address range specified with this command. If not, the DHCP server selects one from the address range specified with the network ip range command.
· Only extended address pools support this command.
· The IP address range specified with this command must be included in that specified with the network ip range command.
Examples
# Specify IP address rang 10.1.1.1 to 10.1.1.5 for the DHCP clients of vender a0 b0 0c.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0 extended
[Sysname-dhcp-pool-0] vendor-class-identifier a0 b0 0c ip range 10.1.1.1 10.1.1.5
Related commands
· network ip range
· network mask
voice-config
Use voice-config to configure specified Option 184 contents in a DHCP address pool.
Use undo voice-config to remove specified Option 184 contents from a DHCP address pool.
Syntax
voice-config { as-ip ip-address | fail-over ip-address dialer-string | ncp-ip ip-address | voice-vlan vlan-id { disable | enable } }
undo voice-config [ as-ip | fail-over | ncp-ip | voice-vlan ]
Default
No Option 184 content is configured.
Views
DHCP address pool view
Default command level
2: System level
Parameters
as-ip ip-address: Specifies the IP address for the backup network calling processor. When the primary network calling processor is unavailable, the DHCP client uses the backup network calling processor.
fail-over ip-address dialer-string: Specifies the failover IP address and dialer string. The dialer-string is a string of 1 to 39 characters, which can be 0 to 9, and asterisk (*).
ncp-ip ip-address: Specifies the IP address for the primary network calling processor.
voice-vlan vlan-id: Specifies the voice VLAN ID in the range of 2 to 4094.
· disable: Disables the specified voice VLAN ID, meaning DHCP clients do not take this ID as their voice VLAN.
· enable: Enables the specified voice VLAN ID, meaning DHCP clients take this ID as their voice VLAN.
Usage guidelines
Specify the IP address of a network calling processor first to make other configured parameters take effect.
Examples
# Configure Option 184 in DHCP address pool 0: the primary network calling processor 10.1.1.1, backup network calling processor 10.2.2.2, voice VLAN ID 3 that is enabled, the failover IP address 10.3.3.3 and dialer string 99*.
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] voice-config ncp-ip 10.1.1.1
[Sysname-dhcp-pool-0] voice-config as-ip 10.2.2.2
[Sysname-dhcp-pool-0] voice-config voice-vlan 3 enable
[Sysname-dhcp-pool-0] voice-config fail-over 10.3.3.3 99*
Related commands
· dhcp server ip-pool
· display dhcp server tree
DHCP relay agent configuration commands
The DHCP relay agent configuration is supported only on VLAN interfaces.
dhcp enable (for DHCP relay agent)
Use dhcp enable to enable DHCP.
Use undo dhcp enable to disable DHCP.
Syntax
dhcp enable
undo dhcp enable
Default
DHCP is disabled.
Views
System view
Default command level
2: System level
Usage guidelines
Enable DHCP before performing DHCP server and relay agent configurations.
Examples
# Enable DHCP.
<Sysname> system-view
[Sysname] dhcp enable
dhcp relay address-check enable
Use dhcp relay address-check enable to enable address check on the relay agent.
Use undo dhcp relay address-check enable to disable address check on the relay agent.
Syntax
dhcp relay address-check enable
undo dhcp relay address-check enable
Default
The function is disabled.
Views
Interface view
Default command level
2: System level
Usage guidelines
With this feature enabled, the DHCP relay agent can dynamically record clients' IP-to-MAC bindings after clients get IP addresses through DHCP. It also supports static bindings. You can configure IP-to-MAC bindings manually on the DHCP relay agent, so that users can access external networks using fixed IP addresses.
Upon receiving an ARP packet, the DHCP relay agent matches the sender's IP and MAC addresses in the packet against the bindings (both dynamic and static). If no match is found, the DHCP relay agent does not learn the ARP entry. The sending host cannot access external networks through the DHCP relay agent.
The dhcp relay address-check enable command only checks IP and MAC addresses of clients.
Examples
# Enable address check on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay address-check enable
dhcp relay check mac-address
Use dhcp relay check mac-address to enable MAC address check on the DHCP relay agent.
Use undo dhcp relay check mac-address to disable MAC address check on the DHCP relay agent.
Syntax
dhcp relay check mac-address
undo dhcp relay check mac-address
Default
This function is disabled.
Views
Interface view
Default command level
2: System level
Usage guidelines
With this function enabled, the DHCP relay agent compares the chaddr field of a received DHCP request with the source MAC address field of the frame. If they are the same, the DHCP relay agent decides this request as valid and forwards it to the DHCP server. If not, the DHCP request is discarded.
DHCP relay agents change the source MAC addresses when forwarding DHCP packets. Therefore, you can enable MAC address check only on a DHCP relay agent directly connected to the DHCP clients. Otherwise, valid DHCP packets may be discarded and clients cannot obtain IP addresses.
Examples
# Enable MAC address check on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay check mac-address
dhcp relay client-detect enable
Use dhcp relay client-detect enable to enable offline detection on the DHCP relay agent.
Use undo dhcp relay client-detect enable to disable offline detection on the DHCP relay agent.
Syntax
dhcp relay client-detect enable
undo dhcp relay client-detect enable
Default
This function is disabled.
Views
Interface view
Default command level
2: System level
Usage guidelines
With this feature enabled, the DHCP relay agent considers that a DHCP client goes offline when the ARP entry for the client ages out. In addition, it removes the client entry and sends a DHCP-RELEASE message to the DHCP server to release the IP address of the client.
Examples
# Enable offline detection on the DHCP relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay client-detect enable
dhcp relay information circuit-id format-type
Use dhcp relay information circuit-id format-type to configure the code type for the non-user-defined circuit ID sub-option.
Use undo dhcp relay information circuit-id format-type to restore the default.
Syntax
dhcp relay information circuit-id format-type { ascii | hex }
undo dhcp relay information circuit-id format-type
Default
The code type for the circuit ID sub-option depends on the specified padding format of Option 82. Each field has its own code type.
Views
Interface view
Default command level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Usage guidelines
This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option by using the dhcp relay information circuit-id string command, ASCII is adopted as the code type.
Examples
# Configure the code type for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information circuit-id format-type ascii
display dhcp relay information
dhcp relay information circuit-id string
Use dhcp relay information circuit-id string to configure the padding content for the user-defined circuit ID sub-option.
Use undo dhcp relay information circuit-id string to restore the default.
Syntax
dhcp relay information circuit-id string circuit-id
undo dhcp relay information circuit-id string
Default
The padding content for the circuit ID sub-option depends on the padding format of Option 82.
Views
Interface view
Default command level
2: System level
Parameters
circuit-id: Specifies the padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Usage guidelines
After you configure the padding content for the circuit ID sub-option by using this command, ASCII is adopted as the code type.
Examples
# Configure the padding content for the circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information circuit-id string company001
· dhcp relay information format
· display dhcp relay information
dhcp relay information enable
Use dhcp relay information enable to enable the relay agent to support Option 82.
Use undo dhcp relay information enable to disable Option 82 support.
Syntax
dhcp relay information enable
undo dhcp relay information enable
Default
Option 82 support is disabled on DHCP relay agent.
Views
Interface view
Default command level
2: System level
Examples
# Enable Option 82 support on the relay agent.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information enable
display dhcp relay information
dhcp relay information format
Use dhcp relay information format to specify a padding format for Option 82.
Use undo dhcp relay information format to restore the default padding format.
Syntax
dhcp relay information format { normal | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp relay information format
Default
The Option 82 padding format is normal.
Views
Interface view
Default command level
2: System level
Parameters
normal: Specifies the normal padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.
· mac indicates using MAC address as the node identifier.
· sysname indicates using the device name of a node as the node identifier.
· user-defined node-identifier indicates using a specific character string as the node identifier, in which node-identifier is a string with 1 to 50 characters.
Usage guidelines
If configuring the handling strategy of the DHCP relay agent as replace, you need to configure a padding format of Option 82. If the handling strategy is keep or drop, you need not configure any padding format.
If sub-option 1 (node identifier) of Option 82 is padded with the device name (sysname) of a node, the device name must contain no spaces. Otherwise, the DHCP relay agent drops the message.
Examples
# Specify the verbose padding format for Option 82.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information enable
[Sysname-Vlan-interface1] dhcp relay information strategy replace
[Sysname-Vlan-interface1] dhcp relay information format verbose
display dhcp relay information
dhcp relay information remote-id format-type
Use dhcp relay information remote-id format-type to configure the code type for the non-user-defined remote ID sub-option.
Use undo dhcp relay information remote-id format-type to restore the default.
Syntax
dhcp relay information remote-id format-type { ascii | hex }
undo dhcp relay information remote-id format-type
Default
The code type for the remote ID sub-option is HEX.
Views
Interface view
Default command level
2: System view
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Usage guidelines
This command applies to configuring the non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option by using the dhcp relay information remote-id string command, ASCII is adopted as the code type.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information remote-id format-type ascii
display dhcp relay information
dhcp relay information remote-id string
Use dhcp relay information remote-id string to configure the padding content for the user-defined remote ID sub-option.
Use undo dhcp relay information remote-id string to restore the default.
Syntax
dhcp relay information remote-id string { remote-id | sysname }
undo dhcp relay information remote-id string
Default
The padding content for the remote ID sub-option depends on the padding format of Option 82.
Views
Interface view
Default command level
2: System level
Parameters
remote-id: Specifies the padding content for the user-defined remote ID sub-option, a case-sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Usage guidelines
After you configure the padding content for the remote ID sub-option by using this command, ASCII is adopted as the code type.
If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string "Sysname" command.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information remote-id string device001
· dhcp relay information format
· display dhcp relay information
dhcp relay information strategy
Use dhcp relay information strategy to configure DHCP relay agent handling strategy for messages containing Option 82.
Use undo dhcp relay information strategy to restore the default handling strategy.
Syntax
dhcp relay information strategy { drop | keep | replace }
undo dhcp relay information strategy
Default
The handling strategy for messages containing Option 82 is replace.
Views
Interface view
Default command level
2: System level
Parameters
drop: Drops messages containing Option 82.
keep: Does not change Option 82.
replace: Replaces the original Option 82 with the configured Option 82.
Examples
# Configure the DHCP relay agent handling strategy for messages containing Option 82 as keep.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay information enable
[Sysname-Vlan-interface1] dhcp relay information strategy keep
display dhcp relay information
dhcp relay release ip
Use dhcp relay release ip to request the DHCP server to release a specific client IP address.
Syntax
dhcp relay release ip client-ip
Views
System view
Default command level
2: System level
Parameters
client-ip: Specifies the DHCP client IP address.
Examples
# Request the DHCP server to release the IP address 1.1.1.1.
<Sysname> system-view
[Sysname] dhcp relay release ip 1.1.1.1
dhcp relay security static
Use dhcp relay security static to configure a static client entry, which is the binding between IP address, MAC address, and Layer 3 interface on the relay agent.
Syntax
dhcp relay security static ip-address mac-address [ interface interface-type interface-number ]
undo dhcp relay security { ip-address | all | dynamic | interface interface-type interface-number | static }
Default
No manual client entry is configured on the DHCP relay agent.
Views
System view
Default command level
2: System level
Parameters
ip-address: Specifies the client IP address for creating a static binding.
mac-address: Specifies the client MAC address for creating a static binding, in the format of H-H-H.
interface interface-type interface-number: Specifies a Layer 3 interface connecting to the DHCP client. interface-type interface-number specifies the interface type and interface number.
all: Specifies all client entries to be removed.
dynamic: Specifies dynamic client entries to be removed.
static: Specifies manual client entries to be removed.
Usage guidelines
Use the undo dhcp relay security command to remove specified client entries from the relay agent.
When using the dhcp relay security static command to bind an interface to a static client entry, make sure that the interface is configured as a DHCP relay agent. Otherwise, entry conflicts may occur.
The undo dhcp relay security interface command is used to remove all the dynamic client entries from the interface.
Examples
# Bind DHCP relay interface VLAN-interface 2 to IP address 10.10.1.1 and MAC address 0005-5d02-f2b3 of the client.
<Sysname> system-view
[Sysname] dhcp relay security static 10.10.1.1 0005-5d02-f2b3 interface vlan-interface 2
display dhcp relay security
dhcp relay security refresh enable
Use dhcp relay security refresh enable to enable the DHCP relay agent to periodically refresh dynamic client entries.
Use undo dhcp relay security refresh enable to disable periodic refresh of dynamic client entries.
Syntax
dhcp relay security refresh enable
undo dhcp relay security refresh enable
Default
The DHCP relay agent is enabled to periodically refresh dynamic client entries.
Views
System view
Default command level
2: System level
Usage guidelines
If you disable the DHCP relay agent from periodically refreshing dynamic client entries, such entries do not age automatically. Therefore, if a client relinquishes its IP address, you need to manually remove the corresponding dynamic client entry on the DHCP relay agent.
Examples
# Disable the DHCP relay agent from periodically refreshing dynamic client entries.
<Sysname> system-view
[Sysname] undo dhcp relay security refresh enable
Related commands
· dhcp relay security tracker
· dhcp relay security static
dhcp relay security tracker
Use dhcp relay security tracker to set a refreshing interval at which the relay agent contacts the DHCP server for refreshing dynamic bindings.
Use undo dhcp relay security tracker to restore the default interval.
Syntax
dhcp relay security tracker { interval | auto }
undo dhcp relay security tracker [ interval ]
Default
The refreshing interval is auto, the value of 60 seconds divided by the number of binding entries.
Views
System view
Default command level
2: System level
Parameters
interval: Specifies the refreshing interval in seconds in the range of 1 to 120.
auto: Specifies the auto refreshing interval, which is the value of 60 seconds divided by the number of binding entries. The more entries there are, the shorter the interval. The shortest interval is no less than 500 ms.
Examples
# Set the refreshing interval as 100 seconds.
<Sysname> system-view
[Sysname] dhcp relay security tracker 100
display dhcp relay security tracker
dhcp relay server-detect
Use dhcp relay server-detect to enable unauthorized DHCP server detection.
Use undo dhcp relay server-detect to disable unauthorized DHCP server detection.
Syntax
dhcp relay server-detect
undo dhcp relay server-detect
Default
Unauthorized DHCP server detection is disabled.
Views
System view
Default command level
2: System level
Usage guidelines
With this function enabled, upon receiving a DHCP request, the DHCP relay agent records the IP addresses of all DHCP servers that offered IP addresses to the DHCP client and the receiving interface. Each server detected is recorded only once. The administrator can use this information from logs to check for unauthorized DHCP servers.
After information about recorded DHCP servers is cleared, the relay agent re-records server information following this mechanism.
Examples
# Enable unauthorized DHCP server detection.
<Sysname> system-view
[Sysname] dhcp relay server-detect
dhcp relay server-group
Use dhcp relay server-group to specify a DHCP server for a DHCP server group.
Use undo dhcp relay server-group to remove a DHCP server from a DHCP server group. If you do not specify ip ip-address, this command removes all servers in the DHCP server group and the server group itself.
Syntax
dhcp relay server-group group-id ip ip-address
undo dhcp relay server-group group-id [ ip ip-address ]
Default
No DHCP server is specified for a DHCP server group.
Views
System view
Default command level
2: System level
Parameters
group-id: Specifies the DHCP server group number in the range of 0 to 19.
ip ip-address: Specifies the DHCP server IP address.
Usage guidelines
The IP address of a DHCP server and the IP address of the DHCP relay agent's interface that connects the DHCP client cannot be in the same network segment. Otherwise, the client may fail to obtain an IP address.
If a server group has been correlated to multiple interfaces, you need to cancel these correlations before removing the server group.
Examples
# Specify DHCP server 1.1.1.1 for DHCP server group 1 on the relay agent.
<Sysname> system-view
[Sysname] dhcp relay server-group 1 ip 1.1.1.1
display dhcp relay server-group
dhcp relay server-select
Use dhcp relay server-select to correlate specified interfaces to a specific DHCP server group.
Use undo dhcp relay server-select to remove a configured correlation.
Syntax
dhcp relay server-select group-id
undo dhcp relay server-select
Default
No DHCP server group is correlated with an interface on the relay agent.
Views
Interface view
Default command level
2: System level
Parameters
group-id: Specifies the DHCP server group number to be correlated, in the range of 0 to 19.
Usage guidelines
A DHCP server group can correlate with one or multiple DHCP relay agent interfaces.
A relay agent interface can only correlate with one DHCP server group, and a newly configured correlation overwrites the previous one. If the server group in the new correlation does not exist, the new configuration does not work. The interface still maintains the previous correlation.
The DHCP server group referenced in this command should have been configured by using the dhcp relay server-group command.
Examples
# Correlate VLAN-interface 1 to DHCP server group 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp relay server-select 1
· dhcp relay server-group
· display dhcp relay
dhcp select relay
Use dhcp select relay to enable the relay agent on the current interface. Upon receiving requests from an enabled interface, the relay agent forwards these requests to outside DHCP servers for IP address allocation.
Use undo dhcp select relay to restore the default.
Syntax
dhcp select relay
undo dhcp select relay
Views
Interface view
Default command level
2: System level
Usage guidelines
After DHCP is enabled, the DHCP server is enabled on an interface by default. Upon receiving a client's request from the interface, the DHCP server allocates an IP address from the DHCP address pool to the client.
When the working mode of the interface is changed from DHCP server to DHCP relay agent, neither the IP address leases nor the authorized ARP entries are deleted. However, these ARP entries may conflict with new ARP entries generated on the DHCP relay agent. To avoid this, delete the existing IP address leases when changing the interface working mode to DHCP relay agent.
Examples
# Enable the DHCP relay agent on VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp select relay
dhcp update arp (for DHCP relay agent)
Use dhcp update arp to configure the DHCP relay agent to support authorized ARP.
Use undo dhcp update arp to restore the default.
Syntax
dhcp update arp
undo dhcp update arp
Default
The DHCP relay agent does not support authorized ARP.
Views
Interface view
Default command level
2: System level
Examples
# Configure VLAN-interface 1 to support authorized ARP.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] dhcp update arp
display dhcp relay
Use display dhcp relay to display information about DHCP server groups correlated to an interface or all interfaces.
Syntax
display dhcp relay { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays information about DHCP server groups to which all interfaces correspond.
interface interface-type interface-number: Displays information about the DHCP server group to which a specific interface corresponds.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display information about DHCP server groups correlated to all interfaces.
<Sysname> display dhcp relay all
Interface name Server-group
Vlan-interface10 2
Table 7 Command output
|
Field |
Description |
|
Server-group |
DHCP server group number correlated to the interface. |
display dhcp relay information
Use display dhcp relay information to display Option 82 configuration information on the DHCP relay agent.
Syntax
display dhcp relay information { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays Option 82 configuration information about all interfaces.
interface interface-type interface-number: Displays Option 82 configuration information about a specific interface.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display Option 82 configuration information about all interfaces.
<Sysname> display dhcp relay information all
Interface: Vlan-interface100
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: aabbcc
User defined:
Circuit ID: company001
Interface: Vlan-interface200
Status: Enable
Strategy: Keep
Format: Normal
Circuit ID format-type: HEX
Remote ID format-type: ASCII
User defined:
Remote ID: device001
Table 8 Command output
|
Field |
Description |
|
Interface |
Interface name. |
|
Status |
Option 82 state, Enable or Disable. |
|
Strategy |
Handling strategy for requesting messages containing Option 82, Drop, Keep, or Replace. |
|
Format |
Padding format of Option 82, Normal or Verbose. |
|
Circuit ID format-type |
Non-user-defined code type of the circuit ID sub-option, ASCII or HEX. |
|
Remote ID format-type |
Non-user-defined code type of the remote ID sub-option, ASCII or HEX. |
|
Node identifier |
Access node identifier. |
|
User defined |
Content of user-defined sub-options. |
|
Circuit ID |
User-defined padding content of the circuit ID sub-option. |
|
Remote ID |
User-defined padding content of the remote ID sub-option. |
display dhcp relay security
Use display dhcp relay security to display information about bindings of DHCP relay agents. If you do not specify any parameter, this command displays information about all bindings.
display dhcp relay security [ ip-address | dynamic | static ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
ip-address: Displays binding information about an IP address.
dynamic: Displays information about dynamic bindings.
static: Displays information about static bindings.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
Enable address check on the DHCP relay agent before it can generate dynamic client entries.
Examples
# Display information about all bindings.
<Sysname> display dhcp relay security
IP Address MAC Address Type Interface
10.1.1.1 00e0-0000-0001 Static Vlan1
10.1.1.5 00e0-0000-0000 Static Vlan2
--- 2 dhcp-security item(s) found ---
Table 9 Command output
|
Field |
Description |
|
IP Address |
Client IP address. |
|
MAC Address |
Client MAC address. |
|
Type |
Type of binding, dynamic, static, and temporary. |
|
Interface |
Layer 3 interface connecting to the DHCP client. If no interface is recorded in the binding entry, N/A is displayed. |
display dhcp relay security statistics
Use display dhcp relay security statistics to display statistics information about bindings of DHCP relay agents.
Syntax
display dhcp relay security statistics [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
You need to enable address check on the DHCP relay agent before it can generate dynamic client entries.
Examples
# Display statistics about bindings of DHCP relay agents.
<Sysname> display dhcp relay security statistics
Static Items :1
Dynamic Items :0
Temporary Items :0
All Items :1
Table 10 Command output
|
Field |
Description |
|
Static Items |
Static binding items. |
|
Dynamic Items |
Dynamic binding items. |
|
Temporary Items |
Temporary binding items. |
|
All Items |
All binding items. |
display dhcp relay security tracker
Use display dhcp relay security tracker to display the interval for refreshing dynamic bindings on the relay agent.
Syntax
display dhcp relay security tracker [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display the interval for refreshing dynamic bindings on the relay agent.
<Sysname> display dhcp relay security tracker
Current tracker interval : 10s
The interval is 10 seconds.
display dhcp relay server-group
Use display dhcp relay server-group to display configuration information about a specific or all DHCP server groups.
Syntax
display dhcp relay server-group { group-id | all } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
group-id: Displays information about the specified DHCP server group numbered from 0 to 19.
all: Displays information about all DHCP server groups.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display IP addresses of DHCP servers in DHCP server group 1.
<Sysname> display dhcp relay server-group 1
No. Group IP
1 1.1.1.1
2 1.1.1.2
Table 11 Command output
|
Field |
Description |
|
No. |
Sequence number. |
|
Group IP |
IP address in the server group. |
display dhcp relay statistics
Use display dhcp relay statistics to display DHCP packet statistics related to a specific or all DHCP server groups.
Syntax
display dhcp relay statistics [ server-group { group-id | all } ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
group-id: Specifies a server group number (in the range of 0 to 19) about which to display DHCP packet statistics.
all: Specifies all server groups about which to display DHCP packet statistics. Information about each group is displayed.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify the keyword server-group or all, this command displays all DHCP packet statistics on the relay agent.
Examples
# Display all DHCP packet statistics on the relay agent.
<Sysname> display dhcp relay statistics
Bad packets received: 0
DHCP packets received from clients: 0
DHCPDISCOVER packets received: 0
DHCPREQUEST packets received: 0
DHCPINFORM packets received: 0
DHCPRELEASE packets received: 0
DHCPDECLINE packets received: 0
BOOTPREQUEST packets received: 0
DHCP packets received from servers: 0
DHCPOFFER packets received: 0
DHCPACK packets received: 0
DHCPNAK packets received: 0
BOOTPREPLY packets received: 0
DHCP packets relayed to servers: 0
DHCPDISCOVER packets relayed: 0
DHCPREQUEST packets relayed: 0
DHCPINFORM packets relayed: 0
DHCPRELEASE packets relayed: 0
DHCPDECLINE packets relayed: 0
BOOTPREQUEST packets relayed: 0
DHCP packets relayed to clients: 0
DHCPOFFER packets relayed: 0
DHCPACK packets relayed: 0
DHCPNAK packets relayed: 0
BOOTPREPLY packets relayed: 0
DHCP packets sent to servers: 0
DHCPDISCOVER packets sent: 0
DHCPREQUEST packets sent: 0
DHCPINFORM packets sent: 0
DHCPRELEASE packets sent: 0
DHCPDECLINE packets sent: 0
BOOTPREQUEST packets sent: 0
DHCP packets sent to clients: 0
DHCPOFFER packets sent: 0
DHCPACK packets sent: 0
DHCPNAK packets sent: 0
BOOTPREPLY packets sent: 0
# Display DHCP packet statistics related to every server group on the relay agent.
<Sysname> display dhcp relay statistics server-group all
DHCP relay server-group #0
Packet type Packet number
Client -> Server:
DHCPDISCOVER 0
DHCPREQUEST 0
DHCPINFORM 0
DHCPRELEASE 0
DHCPDECLINE 0
BOOTPREQUEST 0
Server -> Client:
DHCPOFFER 0
DHCPACK 0
DHCPNAK 0
BOOTPREPLY 0
reset dhcp relay statistics
reset dhcp relay statistics
Use reset dhcp relay statistics to remove statistics from the relay agent.
Syntax
reset dhcp relay statistics [ server-group group-id ]
Views
User view
Default command level
1: Monitor level
Parameters
server-group group-id: Specifies a server group number (in the range of 0 to 19) about which to remove statistics from the relay agent.
Usage guidelines
If you do not specify server-group, this command removes all statistics from the relay agent.
Examples
# Remove all statistics from the DHCP relay agent.
<Sysname> reset dhcp relay statistics
Related commands
display dhcp relay statistics
DHCP client configuration commands
The DHCP client configuration is supported only on VLAN interfaces.
When multiple VLAN interfaces having the same MAC address use DHCP for IP address acquisition through a relay agent, the DHCP server cannot be the Windows 2000 Server or Windows 2003 Server.
display dhcp client
Use display dhcp client to display DHCP client information. If you do not specify the interface interface-type interface-number option, this command displays DHCP client information about all interfaces.
Syntax
display dhcp client [ verbose ] [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
verbose: Displays verbose DHCP client information.
interface interface-type interface-number: Specifies an interface by its type and number.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display DHCP client information about all interfaces.
<Sysname> display dhcp client
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
DHCP server: 40.1.1.2
# Display verbose DHCP client information.
<Sysname> display dhcp client verbose
Vlan-interface1 DHCP client information:
Current machine state: BOUND
Allocated IP: 40.1.1.20 255.255.255.0
Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds
Lease from 2005.08.13 15:37:59 to 2005.08.16 15:37:59
DHCP server: 40.1.1.2
Transaction ID: 0x1c09322d
Default router: 40.1.1.2
Classless static route:
Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16
Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16
DNS server: 44.1.1.11
DNS server: 44.1.1.12
Domain name: ddd.com
Boot server: 200.200.200.200 1.1.1.1
Client ID: 3030-3066-2e65-3234-
392e-3830-3438-2d56-
6c61-6e2d-696e-7465-
7266-6163-6531
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.
Table 12 Command output
|
Field |
Description |
|
Vlan-interface1 DHCP client information |
Information about the interface acting as the DHCP client. |
|
Current machine state |
Current state of the DHCP client: · HALT—The client stops applying for an IP address. · INIT—The initialization state. · SELECTING—The client has sent out a DHCP-DISCOVER message in search for a DHCP server and is waiting for the response from DHCP servers. · REQUESTING—The client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from DHCP servers. · BOUND—The client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully. · RENEWING—The T1 timer expires. · REBOUNDING—The T2 timer expires. |
|
Allocated IP |
IP address allocated by the DHCP server. |
|
Allocated lease |
Allocated lease time. |
|
T1 |
1/2 lease time (in seconds) of the DHCP client IP address. |
|
T2 |
7/8 lease time (in seconds) of the DHCP client IP address. |
|
Lease from….to…. |
Start and end time of the lease. |
|
DHCP server |
DHCP server IP address that assigned the IP address. |
|
Transaction ID |
Transaction ID, a random number chosen by the client to identify an IP address allocation. |
|
Default router |
Gateway address assigned to the client. |
|
Classless static route |
Classless static routes assigned to the client. |
|
Static route |
Classful static routes assigned to the client. |
|
DNS server |
DNS server address assigned to the client. |
|
Domain name |
Domain name suffix assigned to the client. |
|
Boot server |
PXE server addresses (up to 16 addresses) specified for the DHCP client, which are obtained through Option 43. |
|
Client ID |
DHCP client ID. |
|
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds. |
How long the T1 (1/2 lease time) timer will timeout. |
ip address dhcp-alloc
Use ip address dhcp-alloc to configure an interface to use DHCP for IP address acquisition.
Use undo ip address dhcp-alloc to cancel an interface from using DHCP.
Syntax
ip address dhcp-alloc [ client-identifier mac interface-type interface-number ]
undo ip address dhcp-alloc
Default
An interface does not use DHCP for IP address acquisition.
Views
Interface view
Default command level
2: System level
Parameters
client-identifier mac interface-type interface-number: Enables an interface to use its MAC address as the client ID to obtain an IP address.
Usage guidelines
If no parameter is specified, the client uses a character string comprised of the current interface name and MAC address as its ID for address acquisition.
The DHCP client sends a DHCP-RELEASE message for releasing the IP address obtained through DHCP.
For a subinterface that obtained an IP address through DHCP, using the shutdown command on its primary interface does not make the subinterface send a DHCP-RELEASE message for releasing the sub interface's IP address.
Examples
# Configure VLAN-interface 1 to use DHCP for IP address acquisition.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address dhcp-alloc
DHCP snooping configuration commands
A DHCP snooping enabled device can work between the DHCP client and relay agent or between the DHCP client and server. It does not work if it is between the DHCP relay agent and DHCP server.
dhcp-snooping
Use dhcp-snooping to enable DHCP snooping.
Use undo dhcp-snooping to disable DHCP snooping.
Syntax
dhcp-snooping
undo dhcp-snooping
Default
DHCP snooping is disabled.
Views
System view
Default command level
2: System level
Usage guidelines
When DHCP snooping is disabled, the device forwards all responses received from DHCP servers and does not record MAC-IP binding information about DHCP clients.
Examples
# Enable DHCP snooping.
<Sysname> system-view
[Sysname] dhcp-snooping
display dhcp-snooping
dhcp-snooping binding database filename
Use dhcp-snooping binding database filename to specify a file to store DHCP snooping entries.
Use undo dhcp-snooping binding database filename to restore the default.
Syntax
dhcp-snooping binding database filename filename
undo dhcp-snooping binding database filename
Default
No file is specified.
Views
System view
Default command level
2: System level
Parameters
filename: Specifies the file name. For information about file name definition, see Fundamentals Configuration Guide.
Usage guidelines
If the specified file does not exist, the device automatically creates the file when it stores the first DHCP snooping entry.
This command enables the device to store DHCP snooping entries in the specified file immediately. After that, the device updates DHCP snooping entries at the interval set by the dhcp-snooping binding database update interval command.
Examples
# Specify the file database.dhcp to store DHCP snooping entries.
<Sysname> system-view
[Sysname] dhcp-snooping binding database filename database.dhcp
dhcp-snooping binding database update interval
dhcp-snooping binding database update interval
Use dhcp-snooping binding database update interval to set the interval at which the device updates DHCP snooping entries.
Use undo dhcp-snooping binding database update interval to restore the default.
Syntax
dhcp-snooping binding database update interval minutes
undo dhcp-snooping binding database update interval
Default
The device does not update DHCP snooping entries periodically.
Views
System view
Default command level
2: System level
Parameters
minutes: Specifies the update interval in the range of 1 to 14400 minutes.
Usage guidelines
This command enables updating DHCP snooping entries at the specified interval.
· If a DHCP snooping entry is learned or removed during an interval, DHCP snooping adds or removes this entry at the end of this interval.
· If no change occurs within the interval, DHCP snooping does not perform update operation.
This command takes effect only when the file for storing DHCP snooping entries has been specified with the command dhcp-snooping binding database filename.
Examples
# Configure the device to update DHCP snooping entries every 10 minutes.
<Sysname> system-view
[Sysname] dhcp-snooping binding database update interval 10
dhcp-snooping binding database filename
dhcp-snooping binding database update now
Use dhcp-snooping binding database update now to store DHCP snooping entries to the file.
Syntax
dhcp-snooping binding database update now
Views
System view
Default command level
2: System level
Usage guidelines
DHCP snooping entries are stored to the file each time this command is used.
This command takes effect only when the DHCP snooping entry file is specified.
Examples
# Store DHCP snooping entries to the file.
<Sysname> system-view
[Sysname] dhcp-snooping binding database update now
dhcp-snooping binding database filename
dhcp-snooping binding record user-identity
Use dhcp-snooping binding record user-identity to enable recording of Option 55 and Option 60 for the user.
Use undo dhcp-snooping binding record user-identity to disable the function.
Syntax
dhcp-snooping binding record user-identity
undo dhcp-snooping binding record user-identity
Default
The function is disabled.
Views
System view
Default command level
1: Monitor level
Examples
# Enable recording of Option 55 and Option 60 for the user.
<Sysname> system-view
[Sysname] dhcp-snooping binding record user-identity
dhcp-snooping check mac-address
Use dhcp-snooping check mac-address to enable MAC address check on a DHCP snooping device.
Use undo dhcp-snooping check mac-address to disable MAC address check of DHCP snooping.
Syntax
dhcp-snooping check mac-address
undo dhcp-snooping check mac-address
Default
This function is disabled.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Usage guidelines
With this function enabled, DHCP snooping compares the chaddr field of a received DHCP request with the source MAC address field in the frame header. If they are the same, DHCP snooping considers this request valid and forwards it to the DHCP server. If not, DHCP snooping discards the DHCP request.
Examples
# Enable MAC address check for DHCP snooping.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping check mac-address
dhcp-snooping check request-message
Use dhcp-snooping check request-message to enable DHCP-REQUEST message check of DHCP snooping.
Use undo dhcp-snooping check request-message to disable DHCP-REQUEST message check of the DHCP snooping.
Syntax
dhcp-snooping check request-message
undo dhcp-snooping check request-message
Default
This function is disabled.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Usage guidelines
With this function enabled, DHCP snooping looks for a matching DHCP snooping entry for each received DHCP-REQUEST message.
· If a match is found, DHCP snooping compares the entry with the message. If they are consistent, DHCP snooping considers the DHCP-REQUEST message a valid lease renewal request and forwards it to the DHCP server. If they are not consistent, DHCP snooping considers the message a forged lease renewal request and discards it.
· If no match is found, DHCP snooping forwards the message to the DHCP server.
Examples
# Enable DHCP-REQUEST message check for DHCP snooping.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping check request-message
dhcp-snooping information circuit-id format-type
Use dhcp-snooping information circuit-id format-type to configure the code type for the non-user-defined circuit ID sub-option.
Use undo dhcp-snooping information circuit-id format-type to restore the default.
Syntax
dhcp-snooping information circuit-id format-type { ascii | hex }
undo dhcp-snooping information circuit-id format-type
Default
The code type for the circuit ID sub-option depends on the padding format of Option 82. Each field has its own code type.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
ascii: Specifies the code type for the circuit ID sub-option as ascii.
hex: Specifies the code type for the circuit ID sub-option as hex.
Usage guidelines
This command configures the code type for only the non-user-defined circuit ID sub-option. After you configure the padding content for the circuit ID sub-option by using the dhcp-snooping information circuit-id string command, ASCII is adopted as the code type. The private padding format supports only the hex code type.
Examples
# Configure the padding format for the non-user-defined circuit ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information circuit-id format-type ascii
· display dhcp-snooping information
· dhcp-snooping information format
dhcp-snooping information circuit-id string
Use dhcp-snooping information circuit-id string to configure the padding content for the user-defined circuit ID sub-option.
Use undo dhcp-snooping information circuit-id string to restore the default.
Syntax
dhcp-snooping information [ vlan vlan-id ] circuit-id string circuit-id
undo dhcp-snooping information [ vlan vlan-id ] circuit-id string
Default
The padding content for the circuit ID sub-option depends on the padding format of Option 82.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID in the range of 1 to 4094.
circuit-id: Specifies the padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.
Usage guidelines
After you configure the padding content for the circuit ID sub-option by using this command, ASCII is adopted as the code type.
If a VLAN is specified, the configured circuit ID sub-option only takes effect within the VLAN. If no VLAN is specified, the configured circuit ID sub-option takes effect in all VLANs. The circuit ID sub-option specified for a VLAN is padded for packets within the VLAN.
Examples
# Configure the padding content for the user-defined circuit ID sub-option as company001.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information circuit-id string company001
· dhcp-snooping information format
· display dhcp-snooping information
dhcp-snooping information enable
Use dhcp-snooping information enable to configure DHCP snooping to support Option 82.
Use undo dhcp-snooping information enable to disable this function.
Syntax
dhcp-snooping information enable
undo dhcp-snooping information enable
Default
DHCP snooping does not support Option 82.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Examples
# Configure DHCP snooping to support Option 82.
<Sysname> system-view
[Sysname] interface gigabitethernet1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
display dhcp-snooping information
dhcp-snooping information format
Use dhcp-snooping information format to specify the padding format for Option 82.
Use undo dhcp-snooping information format to restore the default.
Syntax
dhcp-snooping information format { normal | private private | standard | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] }
undo dhcp-snooping information format
Default
The node MAC address is used as the node identifier.
Default
The padding format for Option 82 is normal.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
normal: Specifies the normal padding format.
private private: Specifies the private padding format. The private value can only be 1, which represents the private padding format.
standard: Specifies the standard padding format.
verbose: Specifies the verbose padding format.
node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. mac indicates using MAC address as the node identifier.
· sysname indicates using the device name of a node as the node identifier.
· user-defined node-identifier indicates using a specific character string as the node identifier, a string of 1 to 50 characters.
Usage guidelines
When you use the undo dhcp-snooping information format command:
· If the verbose node-identifier option is not included, the padding format is restored to normal.
· If the verbose node-identifier option is included, the padding format is restored to verbose with MAC address as the node identifier.
Examples
# Specify the padding format as verbose for Option 82.
[Sysname] interface gigabitethernet1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information strategy replace
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information format verbose
display dhcp-snooping information
dhcp-snooping information remote-id format-type
Use dhcp-snooping information remote-id format-type to configure the code type for the non-user-defined remote ID sub-option.
Use undo dhcp-snooping information remote-id format-type to restore the default.
Syntax
dhcp-snooping information remote-id format-type { ascii | hex }
undo dhcp-snooping information remote-id format-type
Default
The code type for the remote ID sub-option is Hex.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
ascii: Specifies the code type for the remote ID sub-option as ascii.
hex: Specifies the code type for the remote ID sub-option as hex.
Usage guidelines
This command applies to configuring a non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option by using the dhcp-snooping information remote-id string command, ASCII is adopted as the code type. The private padding format only supports the hex code type.
Examples
# Configure the code type for the non-user-defined remote ID sub-option as ascii.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information remote-id format-type ascii
· display dhcp-snooping information
· dhcp-snooping information format
dhcp-snooping information remote-id string
Use dhcp-snooping information remote-id string to configure the padding content for the user-defined remote ID sub-option.
Use undo dhcp-snooping information remote-id string to restore the default.
Syntax
dhcp-snooping information [ vlan vlan-id ] remote-id string { remote-id | sysname }
undo dhcp-snooping information [ vlan vlan-id ] remote-id string
Default
The padding content for the remote ID sub-option depends on the padding format of Option 82.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID in the range of 1 to 4094.
remote-id: Specifies the padding content for the user-defined circuit ID sub-option, a case-sensitive string of 1 to 63 characters.
sysname: Specifies the device name as the padding content for the remote ID sub-option.
Usage guidelines
After you configure the padding content for the remote ID sub-option by using this command, ASCII is adopted as the code type.
If a VLAN is specified, the configured remote ID sub-option only takes effect within the VLAN. If no VLAN is specified, the configured remote ID sub-option takes effect in all VLANs. The remote ID sub-option configured for a VLAN is padded for the packets within the VLAN.
If you want to specify a character string (a case-insensitive character string) as the padding content for the remote ID sub-option, use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, enter the dhcp relay information remote-id string "Sysname" command.
Examples
# Configure the padding content for the remote ID sub-option as device001.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information remote-id string device001
· dhcp-snooping information format
· display dhcp-snooping information
dhcp-snooping information strategy
Use dhcp-snooping information strategy to configure the handling strategy for Option 82 in requesting messages.
Use undo dhcp-snooping information strategy to restore the default.
Syntax
dhcp-snooping information strategy { append | drop | keep | replace }
undo dhcp-snooping information strategy
Default
The handling strategy for Option 82 in requesting messages is replace.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
append: Forwards messages containing Option 82 after adding content to sub-option 9 of Option 82. The append strategy is supported only when the private padding format and sub-option 9 are configured. In other cases, the device forwards messages without changing Option 82.
drop: Drops messages containing Option 82.
keep: Does not change Option 82.
replace: Replaces the original Option 82 with the configured Option 82.
Examples
# Configure the handling strategy for Option 82 in requesting messages as keep.
<Sysname> system-view
[Sysname] interface gigabitethernet1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information enable
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information strategy keep
· display dhcp-snooping information
· dhcp-snooping information format
· dhcp-snooping information sub-option
dhcp-snooping information sub-option
Use dhcp-snooping information sub-option to configure a sub-option.
Use undo dhcp-snooping information sub-option to restore the default.
Syntax
dhcp-snooping information [ vlan vlan-id ] sub-option sub-option-code [ string user-string&<1-8> ]
undo dhcp-snooping information [ vlan vlan-id ] sub-option sub-option-code
Default
No sub-option is configured.
Views
Layer 2 Ethernet port view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID in the range of 1 to 4094.
sub-option sub-option-code: Specifies the number of the sub-option. Only sub-option 9 is supported.
string user-string&<1-8>: Configures the content of the sub-option, a case-sensitive string of 1 to 63 characters. &<1-8> represents that you can enter a maximum of 8 strings separated by spaces.
Usage guidelines
This configuration takes effect only for the private padding format. To configure the private padding format, use the dhcp-snooping information format private 1 command.
If no content is configured for sub-option 9 with the string user-string option, the primary device uses sysname and the primary address of the Loopback0 interface to pad sub-option 9 and a secondary device uses sysname to pad sub-option 9. The device configured with the dhcp-snooping information strategy append command is the primary device and a device configured with some other strategy is a secondary device.
After you use the string user-string option to configure sub-option 9, the device uses the ASCII code type to pad the characters into sub-option 9 in the order that they are configured. When the total length of all sub-options reaches 255, the device stops padding automatically.
The sub-option 9 content configured only applies to the VLAN that is specified by the vlan vlan-id option. If no VLAN ID is specified, the sub-option 9 content applies to all VLANs. A VLAN prefers its own sub-option 9 content over the one configured for all VLANs.
Examples
# Configure the user-defined sub-option 9 as group001.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping information sub-option 9 string group001
· dhcp-snooping information format
· dhcp-snooping information strategy
· display dhcp-snooping information
dhcp-snooping trust
Use dhcp-snooping trust to configure a port as a trusted port.
Use undo dhcp-snooping trust to restore the default state of a port.
Syntax
dhcp-snooping trust [ no-user-binding ]
undo dhcp-snooping trust
Default
All ports are untrusted.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Parameters
no-user-binding: Specifies the port to not record the clients' IP-to-MAC bindings in received DHCP requests. If you do not specify this keyword, the port records the IP-to-MAC bindings for clients.
Usage guidelines
After you enable DHCP snooping, you need to specify the ports connected to the authorized DHCP servers as trusted ports to make sure that DHCP clients can obtain valid IP addresses.
Examples
# Specify GigabitEthernet 1/0/1 as a trusted port and enable it to record the IP-to-MAC bindings of clients.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping trust
display dhcp-snooping trust
dhcp-snooping verify reply-message
Use dhcp-snooping verify reply-message to enable the DHCP snooping device to verify DHCP broadcast replies.
Use undo dhcp-snooping verify reply-message to disable the DHCP broadcast reply verification on the interface.
Syntax
dhcp-snooping verify reply-message
undo dhcp-snooping verify reply-message
Default
The DHCP snooping device does not verify DHCP broadcast replies. It forwards the replies to the destination broadcast address.
Views
Layer 2 Ethernet interface view, Layer 2 aggregate interface view, WLAN-ESS interface view
Default command level
2: System level
Usage guidelines
This command enables the DHCP snooping device to drop DHCP-OFFER and DHCP-ACK broadcast messages if the messages do not match any DHCP snooping entries.
Examples
# Enable the DHCP snooping device to verify DHCP broadcast replies on GigabitEthernet 1/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dhcp-snooping verify reply-message
display dhcp-snooping
Use display dhcp-snooping to display DHCP snooping entries.
Syntax
display dhcp-snooping [ ip ip-address ] [ verbose ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
ip ip-address: Displays the DHCP snooping entries corresponding to the specified IP address.
verbose: Displays detailed information about DHCP snooping entries.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
Only the DHCP snooping entries containing IP-to-MAC bindings that are present both in the DHCP-ACK and DHCP-REQUEST messages are displayed by using the display dhcp-snooping command.
Examples
# Display all DHCP snooping entries.
<Sysname> display dhcp-snooping
DHCP Snooping is enabled.
The client binding table for all untrusted ports.
Type : D--Dynamic , S--Static , R--Recovering
Type IP Address MAC Address Lease VLAN SVLAN Interface
==== =============== ============== ============ ==== ===== =================
D 10.1.1.1 00e0-fc00-0006 286 1 2 Ten-GigabitEthernet1/0/1
--- 1 dhcp-snooping item(s) found ---
Table 13 Command output
|
Field |
Description |
|
Type |
Entry type: · D—Dynamic. · S—Static. Static DHCP snooping entries are not supported. · R—Specifies that the DHCP snooping entry is being restored through the DHCP snooping entry file, and the interface in the entry is invalid. |
|
IP Address |
IP address assigned to the DHCP client. |
|
MAC Address |
MAC address of the DHCP client. |
|
Lease |
Remaining lease duration (in seconds). |
|
VLAN |
When both DHCP snooping and QinQ are enabled or the DHCP packet contains two VLAN tags, this field displays the outer VLAN tag. Otherwise, it identifies the VLAN where the port connected to the DHCP client resides. |
|
SVLAN |
When both DHCP snooping and QinQ are enabled or the DHCP packet contains two VLAN tags, this field displays the inner VLAN tag. Otherwise, it displays N/A. |
|
Interface |
Port to which the DHCP client is connected. |
# Displays detailed information about DHCP snooping entries.
<Sysname> display dhcp-snooping verbose
DHCP Snooping is enabled.
The client binding table for all untrusted ports.
Type: Dynamic
IP address:10.1.1.1
MAC address: 00e0-fc00-0006
Lease: 286 seconds
VLAN: 1
SVLAN: 2
Interface: Ten-GigabitEthernet1/0/1
Parameter requested: 03 06 21
Vendor class identifier: h3c
Type: Dynamic
IP address:10.1.1.2
MAC address: 00e0-fc00-0010
Lease: 286 seconds
VLAN: 1
SVLAN 2
Interface: Ten-GigabitEthernet1/0/1
Parameter requested: 37 0B 01 0F 03 06 2C 2E 2F 1F 21 F9 2B
Vendor class identifier: MSFT 5.0
--- 2 dhcp-snooping item(s) found ---
Table 14 Command output
|
Field |
Description |
|
Type |
Entry type: · Dynamic—Specifies that the DHCP snooping entry is dynamically generated. · Static—Specifies that the DHCP snooping entry is statically configured. Static DHCP snooping entries are not supported. · Recovering—Specifies that the DHCP snooping entry is being restored through the DHCP snooping entry file, and the interface in the entry is invalid. |
|
IP Address |
IP address assigned to the DHCP client. |
|
MAC Address |
MAC address of the DHCP client. |
|
Lease |
Remaining lease duration (in seconds). |
|
VLAN |
When both DHCP snooping and QinQ are enabled or the DHCP packet contains two VLAN tags, this field displays the outer VLAN tag. Otherwise, it identifies the VLAN where the port connected to the DHCP client resides. |
|
SVLAN |
When both DHCP snooping and QinQ are enabled or the DHCP packet contains two VLAN tags, this field displays the inner VLAN tag. Otherwise, it displays 0. |
|
Interface |
Port to which the DHCP client is connected. |
|
Parameter requested |
Parameter request list option. It is used by a DHCP client to request specified configuration parameters from the server. The option includes values that correspond to the parameters requested by the client. |
|
Vendor class identifier |
Vendor class identifier option. It is used by a DHCP client to identify its vendor, and by a DHCP server to distinguish DHCP clients by vendor class and assign specific IP addresses to the DHCP clients. |
· dhcp-snooping
· reset dhcp-snooping
display dhcp-snooping binding database
Use display dhcp-snooping binding database to display information about the DHCP snooping entry file.
Syntax
display dhcp-snooping binding database [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display the DHCP snooping entry file information.
<Sysname> display dhcp-snooping binding database
File name : flash:/database.dhcp
Update interval : 10 minutes
Latest read time : Jul 15 2008 16:38:22
Latest write time : Jul 15 2008 16:38:24
Status : Last write succeeded.
Table 15 Command output
|
Field |
Description |
|
File name |
File name. |
|
Update interval |
Interval at which DHCP snooping entries are updated. |
|
Latest read time |
Last time when the file is read. |
|
Latest write time |
Last time when the file is written. |
|
Status |
Whether the file was written successfully last time. |
display dhcp-snooping information
Use display dhcp-snooping information to display Option 82 configuration information on the DHCP snooping device.
Syntax
display dhcp-snooping information { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
all: Displays Option 82 configuration information about all Layer 2 Ethernet interfaces.
interface interface-type interface-number: Displays Option 82 configuration information about a specific interface.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display Option 82 configuration information about all interfaces.
<Sysname> display dhcp-snooping information all
Interface: Ten-Gigabitethernet 1/0/1
Status: Enable
Strategy: Replace
Format: Verbose
Circuit ID format-type: HEX
Remote ID format-type: ASCII
Node identifier: aabbcc
Sub-option 9: Enabled
User defined:
Circuit ID: company001
Sub-option 9 content: group1
Interface: Ten-Gigabitethernet 1/0/2
Status: Disable
Strategy: Keep
Format: Normal
Circuit ID format-type: HEX
Remote ID format-type: ASCII
User defined:
Circuit ID: company001
Remote ID: device001
VLAN 10:
Circuit ID: vlan10@company001
Sub-option 9: Enable
Sub-option 9 content: group1
VLAN 20:
Remote ID: device001
Sub-option 9: Enabled
display dhcp-snooping packet statistics
Use display dhcp-snooping packet statistics to display DHCP packet statistics for DHCP snooping.
Syntax
display dhcp-snooping packet statistics [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display DHCP packet statistics for DHCP snooping.
<Sysname> display dhcp-snooping packet statistics
DHCP packets received : 100
DHCP packets sent : 200
Packets dropped due to rate limitation : 20
Dropped invalid packets : 0
reset dhcp-snooping packet statistics
display dhcp-snooping trust
Use display dhcp-snooping trust to display information about trusted ports.
Syntax
display dhcp-snooping trust [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display information about trusted ports.
<Sysname> display dhcp-snooping trust
DHCP Snooping is enabled.
DHCP Snooping trust becomes active.
Interface Trusted
========================= ============
Ten-GigabitEthernet1/0/1 Trusted
The above output shows that DHCP snooping is enabled, DHCP snooping trust is active, and port Ten-GigabitEthernet 1/0/1 is trusted.
dhcp-snooping trust
reset dhcp-snooping
Use reset dhcp-snooping to clear DHCP snooping entries.
Syntax
reset dhcp-snooping { all | ip ip-address }
Views
User view
Default command level
2: System level
Parameters
all: Clears all DHCP snooping entries.
ip ip-address: Clears the DHCP snooping entries for the specified IP address.
Examples
# Clear all DHCP snooping entries.
<Sysname> reset dhcp-snooping all
display dhcp-snooping
reset dhcp-snooping packet statistics
Use reset dhcp-snooping packet statistics to clear DHCP packet statistics for the DHCP snooping device.
Syntax
reset dhcp-snooping packet statistics
Views
User view
Default command level
1: Monitor level
Examples
# Clear DHCP packet statistics for DHCP snooping.
<Sysname> reset dhcp-snooping packet statistics
Related commands
display dhcp-snooping packet statistics
BOOTP client configuration commands
BOOTP client configuration can only be used on VLAN interfaces.
If several VLAN interfaces sharing the same MAC address obtain IP addresses through a BOOTP relay agent, the BOOTP server cannot be a Windows 2000 Server or Windows 2003 Server.
You cannot configure an interface of an aggregation group as a BOOTP client.
display bootp client
Use display bootp client to display related information about a BOOTP client.
Syntax
display bootp client [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
interface interface-type interface-number: Displays BOOTP client information about the interface.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify any interface, the command displays information about BOOTP clients for all interfaces.
If you specify an interface, the command displays information about the BOOTP client for the specified interface.
Examples
# Display BOOTP client information about VLAN-interface 1.
<Sysname> display bootp client interface vlan-interface 1
Vlan-interface1 BOOTP client information:
Allocated IP: 169.254.0.2 255.255.0.0
Transaction ID = 0x3d8a7431
Mac Address 00e0-fc0a-c3ef
Table 16 Command output
|
Field |
Description |
|
Vlan-interface1 BOOTP client information |
Information about the interface that serves as a BOOTP client. |
|
Allocated IP |
BOOTP client's IP address allocated by the BOOTP server. |
|
Transaction ID |
Value of the XID field in a BOOTP message, a random number chosen when the BOOTP client sends a BOOTP request to the BOOTP server. It is used to match a response message from the BOOTP server. If the values of the XID field are different in the BOOTP response and request, the BOOTP client drops the BOOTP response. |
|
Mac Address |
MAC address of a BOOTP client. |
ip address bootp-alloc
Use ip address bootp-alloc to configure an interface to use BOOTP for IP address acquisition.
Use undo ip address bootp-alloc to cancel an interface from using BOOTP from acquiring an IP address.
Syntax
ip address bootp-alloc
undo ip address bootp-alloc
Default
An interface does not use BOOTP for IP address acquisition.
Views
Interface view
Default command level
2: System level
Examples
# Configure VLAN-interface 1 to use BOOTP for IP address acquisition.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address bootp-alloc
Related commands
display bootp client
