no-snoop (DHCP Local Server and Relay Agent)
Syntax
no-snoop;
Hierarchy Level
[edit forwarding-options dhcp-relay], [edit forwarding-options dhcp-relay dhcpv6], [edit logical-systems logical-system-name ...], [edit logical-systems logical-system-name routing-instances routing-instance-name...], [edit routing-instances routing-instance-name ...], [edit system services dhcp-local-server], [edit system services dhcp-local-server dhcpv6]
Description
Disable DHCP snooping filters.
DHCP snooping provides DHCP security by identifying incoming
DHCP packets. In the default DHCP snooping configuration, all traffic
is snooped. You can optionally use the forward-snooped-clients statement to evaluate the snooped traffic and to determine if the
traffic is forwarded or dropped, based on whether or not the interface
is configured as part of a group.
Starting in Junos OS Release 22.4R1, 'no-snoop' (DHCP Local Server and Relay Agent) is supported for DHCPV6 on QFX10K platforms.
The "no-snoop" option is not supported on the PTX10002-60C devices.
In both the default configuration and in configurations using
the forward-snooped-clients statement, all DHCP traffic
is forwarded from the hardware control plane to the routing plane
of the routing instance to ensure that all DHCP packets are intercepted.
In certain topologies, such as a Metropolitan Routing Ring topology,
forwarding all DHCP traffic to the control plane can result in excessive
traffic. The no-snoop configuration statement disables
the snooping filter for DHCP traffic that can be directly forwarded
on the hardware control plane, such as Layer 3 unicast packets with
a valid route, causing those DHCP packets to bypass the slower routing
plane.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 15.1R2.