Header Only - DO NOT REMOVE - Extreme Networks

dhcp binding + dhcp excluded


Userlevel 6
Hello, all!

Can you, please, give me explanation about DHCP-binding.

User Guide says "The DHCP bindings database contains the IP address, MAC Address, VLAN ID, and port number of the untrusted interface or client."
But as I understand dhcp binding - when we want to give to some client MAC address preconfigured IP address. Or I'm wrong?
If I wrong - how can we bind MAC-IP addresses pairs?

And last question: how can we exclude some addresses from switch DHCP-server?
As I remember - there wasn't so option.
But what we have to do if switch have dhcp-server with pool, for example, 10.0.0.50 - 10.0.0.100, but we have some clients which have static address 10.0.0.70 ???

9 replies

Userlevel 7
The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.
Userlevel 6
Erik Auerswald wrote:

The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.

OK.

In case if I want to map some clilent MAC to some IP, how can I do this on Summit?

Thank you!
Userlevel 7
Erik Auerswald wrote:

The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.

I don't think this is possible. The "ip-security dhcp-binding" commands pertain to DHCP snooping as far as I know.

You would need to specify an address range that does not include statically assigned addresses.
Userlevel 5
Erik Auerswald wrote:

The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.

Hi Alexandr P, is this what you're looking to deploy: http://documentation.extremenetworks.com/exos/EXOS_21_1/Security/c_configuring-dhcp-binding.shtml ?
Userlevel 6
Erik Auerswald wrote:

The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.

Hi, Kawawa!

I look there. In this section "Configuring DHCP Binding" all clear.

But earlier, in section "DHCP Snooping and Trusted DHCP Server" was write that "The DHCP bindings database contains the IP address, MAC Address, VLAN ID, and port number of the untrusted interface or client." Word untrusted confused me.
Userlevel 5
Erik Auerswald wrote:

The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.

Ahh yes, I now follow. My understanding is that all ports are untrusted unless listed as trusted, therefore the switch drops and logs a violation for any DHCP packets arriving from a DHCP server on that port!
Userlevel 6
Erik Auerswald wrote:

The DHCP binding database of the switch pertains to DHCP snooping, where the switch records which IP address has been provided to and accepted by what MAC address.

OK.
Thank you!
Userlevel 5
To sum up this thread, the following article outlines some ideas around DHCP Snooping and the DHCP Bindings database: How to configure DHCP Snooping on EXOS
Interesting article on the knowledge base.
A couple of question:
- Can I read via SNMP the table with the dhcp-snooping entries ?
- I am trying to delete the configure ip-security dhcp-bindings storage filename dhcpbind.xsf

command from my config but I can not. Any ideas ?

Thanks
Emanuel

Reply