when dhcp snooping entries removed ?

  • 0
  • 1
  • Question
  • Updated 4 years ago
Hi ;

I know that we can clear dhcp-bindings for a port manually.

Are there any way to clear dhcp-bindings when an interface is down ?

Is there any way to create a timer for that or am i have to wait for the  dhcp lease time?

Regards,

Burak.
Photo of Burak Kale

Burak Kale

  • 280 Points 250 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Hernandez, Joshua

Hernandez, Joshua, Employee

  • 1,564 Points 1k badge 2x thumb
Burak Kale,

If you are using an Extreme EXOS device you can use the following command to set the lease timer for DHCP:

configure vlan <vlan_name> dhcp-lease-timer <seconds>

If you want to clear the existing DHCP allocations use the following command:

clear vlan <vlan_name> dhcp-address-allocation
Photo of Burak Kale

Burak Kale

  • 280 Points 250 badge 2x thumb
Hi Joshua;

Thanks for the quick reply.

Is it same when we are using different dhcp server ?

Because i am just asking about dhcp snooping.

Regards,

Burak.
Photo of Hernandez, Joshua

Hernandez, Joshua, Employee

  • 1,564 Points 1k badge 2x thumb
Burak,

What can you specify the role the Extreme device plays in the DHCP process?
Photo of Burak Kale

Burak Kale

  • 280 Points 250 badge 2x thumb
We are using the dhcp snooping feature to ensure about DHCP security

Thanks
Photo of Hernandez, Joshua

Hernandez, Joshua, Employee

  • 1,564 Points 1k badge 2x thumb
Burak,

Please explain in greater detail what you are wanting to accomplish.
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
if you are good at script then you can match the port down log and clear the snooping entry using the simple script
Photo of Brandon Clay

Brandon Clay, Escalation Support Engineer

  • 13,594 Points 10k badge 2x thumb
Hi Burak,

You can clear the DHCP snooping bindings for a vlan, but they cannot be cleared per-port. You could configure a UPM profile to clear the bindings on a link down, but since this would be per-vlan, it would not do what you are asking.

-Brandon
Photo of Burak Kale

Burak Kale

  • 280 Points 250 badge 2x thumb
So i understand from that last two answers , we can do it by using a script file.

clear ip-security dhcp-snooping entries vlan "Default" ports 7

@Brandon ; we can clear the bindings using the following command .

I think if i can write correct script that finds the ports that goes down , i can do that.

Thanks for the ideas. I will try that , and if i succeed i will share.

Regards,

Burak.
Photo of Brandon Clay

Brandon Clay, Escalation Support Engineer

  • 13,594 Points 10k badge 2x thumb
Burak,

I apologize, I misspoke previously. You can specify the port in that command.

You should be able to find information on setting up UPM profiles in the Universal Port section of the EXOS User Guide.