Ip Dhcp Snooping Limit Rate - Cisco Catalyst 2960 Command Reference Manual

Chapter 2 Catalyst 2960 Switch Cisco IOS Commands

ip dhcp snooping limit rate

To use this command, the switch must be running the LAN Base image.
Note
Use the ip dhcp snooping limit rate interface configuration command to configure the number of DHCP
messages an interface can receive per second. Use the no form of this command to return to the default
setting.
Syntax Description
rate
Defaults DHCP snooping rate limiting is disabled.
Command Modes Interface configuration
Command History Release
12.2(25)FX
Usage Guidelines Normally, the rate limit applies to untrusted interfaces. If you want to configure rate limiting for trusted
interfaces, keep in mind that trusted interfaces might aggregate DHCP traffic on multiple VLANs (some
of which might not be snooped) in the switch, and you will need to adjust the interface rate limits to a
higher value.
If the rate limit is exceeded, the interface is error-disabled. If you enabled error recovery by entering the
errdisable recovery dhcp-rate-limit global configuration command, the interface retries the operation
again when all the causes have timed out. If the error-recovery mechanism is not enabled, the interface
stays in the error-disabled state until you enter the shutdown and no shutdown interface configuration
commands.
Examples
This example shows how to set a message rate limit of 150 messages per second on an interface:
Switch(config-if)# ip dhcp snooping limit rate 150
You can verify your settings by entering the show ip dhcp snooping user EXEC command.
OL-8604-04
ip dhcp snooping limit rate rate
no ip dhcp snooping limit rate
Number of DHCP messages an interface can receive per second. The range is 1 to
2048.
Modification
This command was introduced.
ip dhcp snooping limit rate
Catalyst 2960 Switch Command Reference
2-135