Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1275
Views
0
Helpful
0
Comments

Configure DHCP Trusted Interface Settings on a Switch through the CLI

smallbusiness
Community Manager
Community Manager

‎08-31-2017 01:59 AM - edited ‎03-21-2019 12:49 AM

Article ID:5715

Configure DHCP Trusted Interface Settings on a Switch through the CLI

Objective

Dynamic Host Configuration Protocol (DHCP) snooping provides a security mechanism to prevent receiving false DHCP response packets and to log DHCP addresses. It does this by treating ports on the device as either trusted or untrusted.

A trusted port is a port that is connected to a DHCP server and is allowed to assign DHCP addresses. DHCP messages received on trusted ports are allowed to pass through the device. Packets from these ports are automatically forwarded. If DHCP Snooping is not enabled, all ports are trusted by default.

An untrusted port is a port that is not allowed to assign DHCP addresses. By default, all ports are considered untrusted until you declare them trusted.

This article aims to show you how to configure DHCP Trusted Interface Settings on your switch through the Command Line Interface (CLI). To learn how to configure DHCP Trusted Interface Settings through the switch web-based utility, click here.

Applicable Devices

  • Sx300 Series
  • SG350X Series
  • Sx500 Series
  • SG500X

Software Version

  • 1.4.8.06 — Sx300, Sx500, SG500X
  • 2.3.0.130 — SG350X

Configure DHCP Trusted Interface Settings

Note: This article assumes that DHCP snooping is already enabled on the switch.

Step 1. Connect your computer to the switch using a console cable and launch a terminal emulator application to access the switch CLI.

Note: In this example, PuTTY is used as the terminal emulator application.

Step 2. In the PuTTY Configuration window, click Serial as the Connection type and enter the default speed for the serial line which is 115200. Then, click Open.

Step 3. In the CLI, enter the global configuration command mode by entering the following:

Note: In this example, the switch used is SG350X-48MP.

Step 4. Once you are on the global configuration mode, enter the specific port or interface that you want to tag as trusted by entering the following:

Note: In this example, interface ge1/0/1 is used. This stands for Gigabit Ethernet port number/stack number (if your switch belongs to a stack) /switch number.

Step 5. Enter the trust command by entering the following:

Note: The prompt has now changed from (config) to (config-if) indicating that the configuration is for the specific port mentioned in the previous command.

Step 6. Exit the specific interface and the global configuration command mode to go back to the privileged EXEC mode by entering the following:

Step 7. (Optional) To permanently save the settings, enter the following:

Step 8. Enter Y in the Overwrite file prompt to indicate Yes and to save the settings to the startup configuration file.

Step 9. (Optional)Verify if the newly-configured settings on the chosen port are now applied by entering the following:

The newly-configured settings should now appear:

You now have successfully configured the Trusted Interface Settings on your switch through the CLI.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents