Last Updated on August 3, 2021 by Admin 3
You have configured a Cisco Catalyst switch to store its binding table on a local TFTP server.
Which of the following commands can you issue to verify the URL that the agent will use to store the binding table on the TFTP server? (Select the best answer.)
- show ip dhcp snooping
- show ip dhcp snooping database
- show ip dhcp snooping binding
- show ip dhcp snooping statistics
You can issue the show ip dhcp snooping database command to verify the Uniform Resource Locator (URL) that the agent will use to store the binding table when Dynamic Host Configuration Protocol (DHCP) snooping is configured on a Cisco Catalyst switch to store the binding table on a local Trivial File Transfer Protocol (TFTP) server. DHCP snooping ensures that DHCP servers reside on trusted switch interfaces and that all DHCP traffic from untrusted interfaces is verified before being forwarded. When a switch is configured to use DHCP snooping, the switch tracks client Media Access Control (MAC) addresses and their associated DHCP client hardware addresses in the DHCP snooping binding database, which is also known as the binding table. If the switch receives DHCP packets that do not match entries in the binding table, the switch drops the packets. The binding table can be stored locally or it can be stored on a remote server.
The show ip dhcp snooping database command can be used to display the status of the DHCP snooping binding table agent and statistics regarding the status of the binding table, such as the URL where the binding table can be found and how many successful writes have been committed to the table. For example, the following sample output indicates that the binding table is stored in a file named bindingtable on the TFTP server with an IP address of 188.8.131.52:
The show ip dhcp snooping command displays general information regarding the DHCP snooping configuration on a switch, such as the virtual LANs (VLANs) for which DHCP snooping is enabled and the trusted state of each interface. For example, the following sample output indicates that DHCP snooping is enabled for VLANs 101, 201, and 301:
The show ip dhcp snooping binding command displays the dynamic entries in the binding table. You must use the show ip source binding command to view both static and dynamic binding table entries. For example, the following sample output from the show ip dhcp snooping binding command indicates that two DHCP clients from VLAN 101 have entries in the binding table:
The show ip dhcp snooping statistics command displays statistical information regarding the number of frames that have been forwarded or dropped by the DHCP snooping configuration on a switch. You can use the detail keyword to display expanded statistics, which include the number of packets dropped for each denial category, such as binding mismatches or exceeded rate limits. For example, the following sample output from the show ip dhcp snooping statistics command indicates that 1,450 packets were forwarded and 105 packets were dropped from untrusted ports:
Packets Forwarded = 1450
Packets Dropped = 118
Packets Dropped From untrusted ports = 105