Jump to content
Калькуляторы

SNR-S2940-8G-v2 + dhcp relay побороть broadcast на аплинке

Reply to this topic

MrLir   

MrLir
Posted

Исследую SNR-S2940-8G-v2 на предмет использования в качестве домового свитча.

SoftWare Version 6.2.138.103

Настраиваю DHCP Relay, вот кусок конфига.

service dhcp
!
ip forward-protocol udp bootps
ip dhcp server relay information enable
ip dhcp relay information option
ip dhcp relay information option subscriber-id format hex
ip dhcp relay information option self-defined subscriber-id format hex
ip dhcp relay share-vlan 120 sub-vlan 20
!

!
vlan 20
name Users
!
vlan 86
name PPPoE
!
vlan 120
name Management
!
!
Interface Ethernet1/1
switchport mode hybrid
switchport hybrid allowed vlan 20;86 untag
switchport hybrid native vlan 20

!
Interface Ethernet1/2
switchport mode hybrid
switchport hybrid allowed vlan 20;86 untag
switchport hybrid native vlan 20
!
.........


!
Interface Ethernet1/9
switchport mode trunk
!
Interface Ethernet1/10
switchport mode trunk
!

!
interface Vlan120
ip address 192.168.42.133 255.255.255.252
 !forward protocol udp 67(active)!
ip helper-address 192.168.22.21
!
ip default-gateway 192.168.42.134
!
protocol-vlan etype 34915 vlan 86 priority 0
protocol-vlan etype 34916 vlan 86 priority 0
isolate-port group test switchport interface Ethernet1/8
isolate-port group test switchport interface Ethernet1/7
isolate-port group test switchport interface Ethernet1/6
isolate-port group test switchport interface Ethernet1/5
isolate-port group test switchport interface Ethernet1/4
isolate-port group test switchport interface Ethernet1/3
isolate-port group test switchport interface Ethernet1/2
isolate-port group test switchport interface Ethernet1/1

 

Всё хорошо, адрес получаю, но

на Uplink порту идут броадкастом DHCP Discover от абонента.

Собственно можно-ли как-то это побороть?

Share this post

Link to post
Share on other sites

Andrey Savenkov   

Andrey Savenkov
Posted

Как вариант - заблокировать весь трафик кроме PPPoE на портах, или конкретно запросы к DHCP-серверам с помощью ACL

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Followers 0
Go to topic listing Коммутаторы SNR, коммутаторы Orion Networks