由于ACL资源有限，S3100-SI系列以太网交换机不支持DHCP Snooping信任端口功能。但为了防御因私自架设DHCP服务器，而导致的网络混乱；或者攻击者恶意冒充DHCP服务器，为客户端分配IP地址等配置参数等情况，S3100-SI系列以太网交换机提供了防DHCP服务器仿冒功能。

在开启DHCP Snooping功能的交换机的下游端口（与DHCP客户端直接或间接相连的端口）上配置防DHCP服务器仿冒功能后，交换机会从该端口向外发送DHCP-DISCOVER报文，用于探测连接到该端口的DHCP服务器，如果接收到回应报文（DHCP-OFFER报文），则认为该端口连接了仿冒的DHCP服务器，交换机会根据配置的处理策略进行处理，例如仅发送告警信息，或发送告警信息的同时将相应端口进行管理Down操作。
[3100]display ver
H3C Comware Platform Software
Comware Software, Version 3.10, Release 2211P04
Copyright (c) 2004-2010 Hangzhou H3C Technologies Co., Ltd. All rights reserved.
H3C S3100-16TP-SI uptime is 0 week, 0 day, 0 hour, 31 minutes
H3C S3100-16TP-SI with 1 Processor
64M    bytes SDRAM
8M      bytes Flash Memory
Config Register points to FLASH
Hardware Version is REV.D
Bootrom Version is 555
[Subslot 0] 16FE        Hardware Version is REV.D
[Subslot 1]  1GE        Hardware Version is REV.D
[Subslot 2]  1GE        Hardware Version is REV.D

[3100]int vlan 1
[3100-Vlan-interface1]ip address dhcp-alloc
[3100-Vlan-interface1]un shutdown
[3100]display ip int b
*down: administratively down
(l): loopback
(s): spoofing
Interface                  IP Address          Physical Protocol    Description
Vlan-interface1        192.168.1.189        up      up          Vlan-inte...
DHCP client statistic information:
Vlan-interface1:
Current machine state: BOUND
Allocated IP: 192.168.1.189 255.255.255.0
Allocated lease: 72000 seconds, T1: 36000 seconds, T2: 63000 seconds
Server IP: 192.168.1.188
[3100-Ethernet1/0/1]dhcp-snooping server-guard enable
[3100-Ethernet1/0/1]dhcp-snooping server-guard method shutdown
#Apr  2 00:29:07:389 2000 3100 DHCP-SNP/2/DHCPSNOOPING SERVER GUARD:- 1 -
Trap 1.3.6.1.4.1.2011.10.2.36.2.0.1(h3cDhcpSnoopSpoofServerDetected): portIndex 4227626 detect DHCP server in VLAN 1 MAC is f0.4d.a2.21.2f.b6 IP is 192.168.1.188

%Apr  2 00:29:07:690 2000 3100 DHCP-SNP/5/dhcp-snooping server guard:- 1 -
  Port 1 detect DHCP server in VLAN 1 MAC is f04d-a221-2fb6 IP is 192.168.1.188 
#Apr  2 00:29:08:147 2000 3100 L2INF/2/PORT LINK STATUS CHANGE:- 1 -
Trap 1.3.6.1.6.3.1.1.5.3(linkDown): portIndex is 4227626, ifAdminStatus is 2, ifOperStatus is 2
%Apr  2 00:29:08:358 2000 3100 L2INF/5/PORT LINK STATUS CHANGE:- 1 -
Ethernet1/0/1 is DOWN
%Apr  2 00:29:08:479 2000 3100 L2INF/5/VLANIF LINK STATUS CHANGE:- 1 -
Vlan-interface1 is DOWN
%Apr  2 00:29:08:599 2000 3100 IFNET/5/UPDOWN:- 1 -Line protocol on the interface Vlan-interface1 is DOWN 
[3100-Ethernet1/0/1]display dhcp-snooping server-guard
DHCP-Snooping is enabled.
DHCP-Snooping server guard become effective.
Interface            Status                        Find Time       
================================================================
Ethernet1/0/1        Server detected and shutdown  2047