You have configured a Cisco Catalyst switch to store its binding table on a local TFTP server.
Which of the following commands can you issue to verify the URL that the agent will use to store the binding
table on the TFTP server? (Select the best answer.)
A.
show ip dhcp snooping
B.
show ip dhcp snooping database
C.
show ip dhcp snooping binding
D.
show ip dhcp snooping statistics
Explanation:
You can issue the show ip dhcp snooping database command to verify the Uniform Resource Locator (URL)
that the agent will use to store the binding table when Dynamic Host Configuration Protocol (DHCP) snooping is
configured on a Cisco Catalyst switch to store the binding table on a local Trivial File Transfer Protocol (TFTP)
server. DHCP snooping ensures that DHCP servers reside on trusted switch interfaces and that all DHCP
traffic from untrusted interfaces is verified before being forwarded. When a switch is configured to use DHCP
snooping, the switch tracks client Media Access Control (MAC) addresses and their associated DHCP client
hardware addresses in the DHCP snooping binding database, which is also known as the binding table. If the
switch receives DHCP packets that do not match entries in the binding table, the switch drops the packets. The
binding table can be stored locally or it can be stored on a remote server.
The show ip dhcp snooping database command can be used to display the status of the DHCP snooping
binding table agent and statistics regarding the status of the binding table, such as the URL where the binding
table can be found and how many successful writes have been committed to the table. For example, the
following sample output indicates that the binding table is stored in a file named bindingtable on the TFTP
server with an IP address of 1.2.3.4:
The show ip dhcp snooping command displays general information regarding the DHCP snooping configuration
on a switch, such as the virtual LANs (VLANs) for which DHCP snooping is enabled and the trusted state of
each interface. For example, the following sample output indicates that DHCP snooping is enabled for VLANs
101, 201, and 301:
The show ip dhcp snooping binding command displays the dynamic entries in the binding table. You must use
the show ip source binding command to view both static and dynamic binding table entries. For example, the
following sample output from the show ip dhcp snooping binding command indicates that two DHCP clients
from VLAN 101 have entries in the binding table:
The show ip dhcp snooping statistics command displays statistical information regarding the number of frames
that have been forwarded or dropped by the DHCP snooping configuration on a switch. You can use the detail
keyword to display expanded statistics, which include the number of packets dropped for each denial category,
such as binding mismatches or exceeded rate limits. For example, the following sample output from the show
ip dhcp snooping statistics command indicates that 1,450 packets were forwarded and 105 packets were
dropped from untrusted ports:
Packets Forwarded = 1450
Packets Dropped = 118
Packets Dropped From untrusted ports = 105Cisco: Cisco IOS IP Addressing Services Command Reference: show ip dhcp snooping database
