DHCP Snooping

Unanswered Question
Jun 8th, 2007

I am setting up DHCP Snooping and I am looking at the configuration guide for the 6500 series switch. These are the steps that they show:

Step 1

Add DHCP snooping to the VACL.

set security acl ip acl_name permit dhcp-snooping

Step 2

Configure the VACL to allow DHCP snooping from all hosts.

set security acl ip acl_name permit ip any any

Step 3

Save the VACL.

commit security acl acl_name

Step 4

Add an ACL to a VLAN.

set security acl map acl_name 10

What I want to know is if I make this access list will the other "set security acl" entries that I already have be overwritten? Also, for the "ip permit any any", this will make it so that all the hosts are are bound by dhcp-snoop right?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Fri, 06/08/2007 - 11:38

Since the named access-list used for snooping and security will be different, it will not be overwritten.

Access-list are not overwritten when you add statements but they just get appended at the end. You need to be careful while removing statements.

HTH, rate if it does

Narayan

Actions

This Discussion