Security > DHCPv6 > Snooping

The addresses assigned to DHCPv6 clients on insecure ports can be carefully controlled using the dynamic bindings registered with DHCPv6 Snooping (or using the static bindings configured with IPv6 Source Guard). DHCPv6 snooping allows a switch to protect a network from rogue DHCPv6 servers or other devices which send port-related information to a DHCPv6 server. This information can be useful in tracking an IP address back to a physical port.

DHCP Snooping Global Configuration

Use the IP Service > DHCPv6 > Snooping (Configure Global) page to enable DHCPv6 Snooping globally on the switch, or to configure MAC Address Verification.

DHCP Snooping VLAN Configuration

Use the IP Service > DHCPv6 > Snooping (Configure VLAN) page to enable or disable DHCPv6 snooping on specific VLANs.

Command Usage

Parameters

Configuring Interfaces for DHCPv6 Snooping

Use the IP Service > DHCP > Snooping6 (Configure Interface) page to configure switch interfaces as trusted or untrusted, and set the maximum number of entries which can be stored in the binding database for an interface.

Command Usage

Parameters

Displaying DHCPv6 Snooping Binding Information

Use the IP Service > DHCPv6 > Snooping (Show Information - Binding) page to display entries in the binding table.

Displaying DHCPv6 Snooping Statistics

Use the IP Service > DHCPv6 > Snooping (Show Information – Statistics) page to display information on client, server, and relay packets.