< Home

Licensing Requirements and Limitations for DHCP Snooping

Involved Network Elements

Other network elements are not required.

Licensing Requirements

DHCP snooping is a basic feature of a switch and is not under license control.

Feature Support in V200R019C10

All models of S2720, S5700, and S6700 series switches support DHCP Snooping.

For details about software mappings, visit Hardware Query Tool and search for the desired product model.

Feature Limitations

  • If the number of online users on a device reaches the maximum number of entries in the DHCP snooping binding table, offline users cannot go online.

  • On an S5720-HI, S5730-HI, S5731-H, S5731S-H, S5731-S, S5731S-S, S6720-HI, S5732-H, S6730-H, S6730S-H, S6730-S,?or S6730S-S switch, the DHCP snooping function applies only to wired users.

  • DHCPv4 snooping can be configured on a Layer 2 access device and the first-hop DHCPv4 relay agent. DHCPv6 snooping can be configured on a Layer 2 access device. In V200R012C00 and later versions, DHCPv6 snooping can be configured on the first-hop DHCPv6 relay agent.
  • In V200R019C00 and later versions, the IPv4 DHCP snooping function is supported in VXLAN scenarios. In addition, users can only go online at the access side and cannot go online at the tunnel side. The DHCP server can be deployed at the access side.
    • When users go online at the access side and the DHCP server is deployed at the access side, you need to run the dhcp snooping enable command in the BD where users go online or on the interfaces connected to the users, and run the dhcp snooping trusted command on the interface connected to the DHCP server.
    • When users go online at the access side and the DHCP server is deployed at the tunnel side, you need to run the dhcp snooping enable command in the BD where users go online or on the interfaces connected to the users, and run the dhcp snooping trusted command in the BD to which the DHCP server belongs.
    • When users go online at the access side, the DHCP server is deployed at the tunnel side, and the VBDIF interface on the VTEP for user access is configured as the DHCP relay agent or DHCP server, you need to run the dhcp snooping enable command in the BD where users go online or on the interfaces connected to the users. The dhcp snooping trusted command does not need to be configured.
  • In VRRP scenarios, DHCP snooping binding entries of the master device cannot be synchronized to the backup device. Therefore, the DHCP snooping function cannot be configured in the VRRP scenarios; otherwise, the original services may become ineffective after a master/backup switchover.
  • The DHCP-triggered ARP learning function applies only to wired users.
  • If the DHCP snooping function has been configured and a VLAN is authorized for an authenticated user, two DHCP snooping binding entries may be generated for the user on the device because the VLAN and IP address of the user are different from those before VLAN authorization. In this case, if the device is a Layer 3 device, you can enable association between ARP and DHCP snooping to delete the original DHCP snooping binding entries.
Parent Topic: DHCP Snooping Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >