How can I block/filter the DHCP traffic from one port in a managed switch?
We are using RackSwitch G8052 switches, and I want to block both client (DHCPDISCOVER, DHCPREQUEST) and server (DHCPOFFER, DHCPACK) traffic.
I read that multicast flow can be controlled with IGMP Snooping configuration, but it requires too much configuration and changes in an already set up fabric.
I am looking for something like:
config
interface 0/42
ip dhcp filter
exit
exit
Page 402 of the manual for the RackSwitch G8052 describes DHCP Snooping, which filters DHCP traffic.
The basic premise is that you flag ports that are allowed to send packets as a DHCP server (DHCPOFFER, DHCPACK), and by default all other ports are only allowed to send client packets (DHCPDISCOVER, DHCPREQUEST).
It appears the syntax is identical to that of Cisco IOS switches, so if you find a tutorial online on how to do it on a Catalyst switch, it will apply to you, too.
The basics are:
ip dhcp snooping
ip dhcp snooping vlan xx
for every xx vlan that you want to control DHCP on
ip dhcp snooping trust
on any interface that has a DHCP server connected to it, including uplink ports to other switches if that uplink port is how the clients on this switch get DHCP service.
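
The trusted/untrusted rule described in the answer above, as an added example that is not part of the original posts and is not switch firmware code: a simplified Python model that reads DHCP option 53 from a packet payload and decides whether a port may send it. The port names ("0/42" as an untrusted access port, "0/1" as a trusted uplink), the build() helper and the choice to drop unparseable payloads are assumptions made for the illustration.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # RFC 2131 marker in front of the options
SERVER_TYPES = {2: "DHCPOFFER", 5: "DHCPACK", 6: "DHCPNAK"}
CLIENT_TYPES = {1: "DHCPDISCOVER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                7: "DHCPRELEASE", 8: "DHCPINFORM"}

def dhcp_message_type(payload):
    """Return the value of option 53 from a BOOTP/DHCP UDP payload, or None."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        return None
    i = 240
    while i < len(payload) and payload[i] != 255:    # 255 = end option
        if payload[i] == 0:                          # pad option, no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None                              # truncated option
        length = payload[i + 1]
        if payload[i] == 53 and length == 1 and i + 2 < len(payload):
            return payload[i + 2]
        i += 2 + length
    return None

def snoop(payload, port, trusted_ports):
    """Simplified snooping decision: server messages only from trusted ports."""
    mtype = dhcp_message_type(payload)
    if mtype is None:
        return "drop", "malformed"                   # assumption of this model
    if mtype in SERVER_TYPES and port not in trusted_ports:
        return "drop", SERVER_TYPES[mtype]
    return "forward", SERVER_TYPES.get(mtype) or CLIENT_TYPES.get(mtype, "unknown")

def build(op, mtype):
    """Constructed sample payload: 236-byte BOOTP header, cookie, option 53, end."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, 0x1234, 0, 0,
                         b"", b"", b"", b"", b"\xaa" * 6, b"", b"")
    return header + MAGIC_COOKIE + bytes([53, 1, mtype, 255])

if __name__ == "__main__":
    trusted = {"0/1"}                                # hypothetical uplink port
    for port, op, mtype in [("0/42", 2, 2), ("0/1", 2, 5), ("0/42", 1, 1)]:
        print(port, snoop(build(op, mtype), port, trusted))
```

In this model a DHCPOFFER arriving on untrusted port 0/42 is dropped, while a DHCPDISCOVER from the same port is still forwarded, which matches the default behaviour the answer describes for ports that are not marked as trusted.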