DHCP Snooping Configuration
show dhcp snooping config
Section titled “show dhcp snooping config”[Command] show dhcp snooping config
[Purpose] View DHCP snooping related configuration status
[View] System view
sonic# show dhcp snooping configGLOBAL MODE V4 : enableGLOBAL MODE V6 : enableGLOBAL SNP MAX NUMBER :GLOBAL LEASE TIME : 172800+-------------+----------------+-----------+------------------+| Interface | dhcp_snooping | Trusted | Snp Max Number |+=============+================+===========+==================+| Ethernet50 | enable | true | |+-------------+----------------+-----------+------------------+| Vlan800 | enable | | |+-------------+----------------+-----------+------------------+| Vlan400 | enable | | |+-------------+----------------+-----------+------------------+| Ethernet49 | enable | true | |+-------------+----------------+-----------+------------------+show snooping table
Section titled “show snooping table”[Command] show snooping table
[Purpose] View all snooping table entry details
[View] System view
[Notes] Snooping table entries include those learned by DHCP Snooping and ND Snooping. When this feature is enabled, the device can sync snooping table entries from other devices configured as neighbors, ensuring consistency across the network.
sonic# show snooping table+---------+--------------------+-------------+------------+-----------+-----------------+-------------+-------+| vlan | smac | sip | lease_time | interface | time-stamp | switch_id | flag |+=========+====================+=============+============+===========+=================+=============+=======+| Vlan400 | 3c:22:fb:55:a0:99 | 30.11.64.21 | 7200 | N/A | 1478434670738451| 30.11.0.89 | remote|+---------+--------------------+-------------+------------+-----------+-----------------+-------------+------ +| Vlan400 | 72:fe:15:7e:42:4f | 30.11.64.18 | 6000 | N/A | 1478433013541307| 30.11.0.84 | local |+---------+--------------------+-------------+------------+-----------+-----------------+-------------+-------+Description of the show snooping table command output
| Item | Description |
|---|---|
| VLAN | VLAN to which the entry belongs |
| SMAC | Terminal MAC address |
| SIP | Terminal IP address |
| lease time | Aging time of the entry |
| interface | Physical interface where the terminal is located |
| time-stamp | Timestamp when the entry was learned, for internal system use |
| switch_id | IP address of the loopback interface of the device to which the terminal is currently connected |
| flag | Identifier for the device to which the terminal is currently connected. If it is the local device, it is labeled as local, and if it’s another device within the cluster, it is labeled as remote. |
show snooping count
Section titled “show snooping count”[Command] show snooping count
[Purpose] View the number of snooping table entries
[View] System view
sonic# show snooping count+----------------+----------------+-----------------+----------------+-----------------+---------+|Total-v4-counter|Local-v4-counter|Remote-v4-counter|Total-v6-counter|Local-v6-counter|Remote-v6-counter|+============+============+===============+===============+=================+==================+| 0 | 0 | 0 | 0 | 0 | 0 |+------------+------------+---------------+---------------+-----------------+------------------+dhcp snooping enable {v4|v6}
Section titled “dhcp snooping enable {v4|v6}”[Command] dhcp snooping enable {v4|v6} no dhcp snooping enable
[Purpose] Enable DHCP snooping function
[Parameter]
| Parameter | Description |
|---|---|
| v4|v6 | Enable DHCP Snooping function of IPv4 of IPv6 |
[View] System configuration view
[Notes] After enabling the global DHCP snooping function, user also need to enable the DHCP snooping function under the interface and VLAN view. This function should be used in combination with DHCP Relay.
sonic(config)# dhcp snooping enable v4sonic(config)# interface ethernet 1sonic(config-if-1)# dhcp snooping enabledhcp snooping autosave
Section titled “dhcp snooping autosave”[Command] dhcp snooping autosave no dhcp snooping autosave
[Purpose] Enable DHCP Snooping autosave feature
[View] System configuration view
[Usage Scenario] After enabling the global DHCP Snooping autosave feature, the snooping table entries will retain their pre-reboot count without needing to relearn after a device reboot. If an entry reaches its aging time during the reboot, it will be aged out immediately upon device restart. DHCP Snooping autosave entries are stored in the /etc/sonic/snp.json file under the device’s Linux view.
sonic(config)# dhcp snooping autosavesonic(config)#dhcp-snooping trusted
Section titled “dhcp-snooping trusted”[Command] dhcp-snooping trusted no dhcp-snooping trusted
[Purpose] Configure the interface to a trusted state
[View] Interface view, VLAN view
[Usage Scenario] The trusted port forwards the received DHCP packets normally and learns the DHCP Snooping table entries through the DHCP ACK and DHCP OFFER packets responded by the DHCP server, usually the interface directly or indirectly connected to the DHCP server trusted by the administrator is set as the trusted port, and other port devices are untrusted ports. Physical ports, VLAN interfaces, and link aggregation ports can all be configured in trust mode.
sonic(config)# interface ethernet 1sonic(config-if-1)# dhcp snooping trusteddhcp-snooping enable
Section titled “dhcp-snooping enable”[Command] dhcp-snooping enable no dhcp-snooping enable
[Purpose] Enable the interface DHCP snooping function
[View] Interface view, VLAN view
sonic(config)# interface ethernet 1sonic(config-if-1)# dhcp-snooping enable