In order to ward off the effect of rogue DHCP server on my Ethernet network. I need to confine DHCP BOOTREPLY message to a specific LAN port on which the authorized DHCP server resides.
I tried to read the "Configuring DHCP Snooping" section of 54xx User Guide, but does not get a clear idea. That description in that user guide seems to coarse and intuitive for me to understand.
Does "Defining Trusted Interface" help? I think I need "trusted port" feature. I hope only trusted ports on 5448 can receive DHCP BOOTREPLY packets, while BOOTREPLY arriving at untrusted ports is rejected.
