DHCP Snooping

Unanswered Question
Jun 8th, 2007
User Badges:

I am setting up DHCP Snooping and I am looking at the configuration guide for the 6500 series switch. These are the steps that they show:

Step 1

Add DHCP snooping to the VACL.

set security acl ip acl_name permit dhcp-snooping

Step 2

Configure the VACL to allow DHCP snooping from all hosts.

set security acl ip acl_name permit ip any any

Step 3

Save the VACL.

commit security acl acl_name

Step 4

Add an ACL to a VLAN.

set security acl map acl_name 10

What I want to know is if I make this access list will the other "set security acl" entries that I already have be overwritten? Also, for the "ip permit any any", this will make it so that all the hosts are are bound by dhcp-snoop right?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
royalblues Fri, 06/08/2007 - 11:38
User Badges:
  • Green, 3000 points or more

Since the named access-list used for snooping and security will be different, it will not be overwritten.

Access-list are not overwritten when you add statements but they just get appended at the end. You need to be careful while removing statements.

HTH, rate if it does



This Discussion