DHCP snooping is the process of copying DHCP packets and using the contained information for internal purposes. The BSA and BSR can use the snooped DHCP information to build anti-spoofing filters, populate the ARP table, send ARP replies, and so on.
For VPLS, DHCP snooping must be explicitly enabled (using the snoop command) on the SAP or SDP where DHCP messages ingress the VPLS instance. It is recommended to enable snooping on both the interface to the DHCP server (to snoop ACK messages) and the interface to the subscriber (to snoop RELEASE messages).
For IES and VPRN IP interfaces (VPRN is supported on the 7750 SR only), lease populate enables DHCP snooping for the subnets defined under the IP interface. The number of allowed simultaneous DHCP sessions on a SAP or interface can be limited using the lease-populate command with the parameter number-of-entries specified. Enabling lease-populate and snoop commands is effectively enabling ‟standard subscriber management”.
The following output displays an example of a partial BSA configuration with DHCP snooping enabled in a service:
*A:ALA-48>config>service# info
----------------------------------------------
...
vpls 600 customer 701 create
sap 1/1/4:100 split-horizon-group "DSL-group2" create
description "SAP towards subscriber"
dhcp
lease-populate 1
option
action replace
circuit-id
no remote-id
exit
no shutdown
exit
exit
mesh-sdp 2:800 create
dhcp
snoop
exit
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-48>config>service#