Checking The Configuration; Configuring The Packet Discarding Alarm Function; Establishing The Configuration Task - Huawei Quidway S9300 Configuration Manual

Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
By default, the alarm threshold of discarded DHCP packets is 100 pps. An alarm is generated
when the number of discarded DHCP packets exceeds the threshold.
----End

3.7.4 Checking the Configuration

Prerequisite
The configurations of limiting the rate of sending DHCP messages are complete.
Procedure
- Run the display dhcp snooping global command to check information about global DHCP snooping.
----End

3.8 Configuring the Packet Discarding Alarm Function

An alarm is generated when the number of discarded packets exceeds the threshold.

3.8.1 Establishing the Configuration Task
3.8.2 Enabling DHCP Snooping
3.8.3 Enabling the Checking of DHCP Messages
3.8.4 Configuring the Packet Discarding Alarm Function
3.8.5 Checking the Configuration

3.8.1 Establishing the Configuration Task

Applicable Environment
With DHCP snooping configured, the S9300 discards packets sent from an attacker. Table 3-2 shows the relation between the type of attacks and the type of discarded packets.

Table 3-2 Relation between the type of attacks and the type of discarded packets

| Type of Attacks | Type of Discarded Packets |
|---|---|
| Bogus attack | DHCP Reply messages received from untrusted interfaces |
| DoS attack by changing the CHADDR field | DHCP Request messages whose CHADDR field does not match the source MAC address in the frame header |
| Attack by sending bogus messages to extend IP address leases | DHCP Request messages that do not match entries in the binding table |

3 DHCP Snooping Configuration
Issue 06 (2010–01–08), Huawei Proprietary and Confidential, Copyright © Huawei Technologies Co., Ltd.
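The three discard checks in Table 3-2 and the per-type discard alarm, modeled as an added Python example (not Huawei code and not the S9300's implementation). The port names, MAC addresses, binding entry, reason labels and the threshold of 2 are constructed, and treating a request that carries ciaddr as a lease renewal is an assumption of the model.

```python
from collections import Counter

# Constructed switch state for the example (not values from the manual).
TRUSTED_PORTS = {"GE1/0/1"}                               # port facing the real DHCP server
BINDINGS = {("00e0-fc00-0001", "GE1/0/2"): "10.1.1.10"}   # (client MAC, port) -> leased IP
REPLY_TYPES = {"OFFER", "ACK", "NAK"}


def discard_reason(pkt):
    """Return which Table 3-2 check drops pkt, or None if it is forwarded."""
    if pkt["type"] in REPLY_TYPES:
        # Bogus attack: replies are accepted only from trusted interfaces.
        return None if pkt["port"] in TRUSTED_PORTS else "reply-on-untrusted-port"
    if pkt["chaddr"] != pkt["src_mac"]:
        # DoS by changing CHADDR: payload MAC must equal the frame's source MAC.
        return "chaddr-mismatch"
    if pkt.get("ciaddr"):
        # Assumption: a request carrying ciaddr is a lease renewal and must
        # match the binding recorded for this MAC and port.
        if BINDINGS.get((pkt["chaddr"], pkt["port"])) != pkt["ciaddr"]:
            return "no-binding-match"
    return None


def discard_alarms(packets, threshold):
    """Count discards per reason; report reasons whose count exceeds threshold."""
    counts = Counter(r for r in map(discard_reason, packets) if r)
    return counts, sorted(r for r, n in counts.items() if n > threshold)


def make_pkt(type_, port, src_mac, chaddr=None, ciaddr=None):
    return {"type": type_, "port": port, "src_mac": src_mac,
            "chaddr": chaddr or src_mac, "ciaddr": ciaddr}


# Constructed sample traffic.
SAMPLE = (
    [make_pkt("OFFER", "GE1/0/1", "00e0-fc00-00aa")]                   # real server
    + [make_pkt("OFFER", "GE1/0/3", "00e0-fc00-00bb")] * 3             # rogue server
    + [make_pkt("DISCOVER", "GE1/0/4", "00e0-fc00-0002", chaddr=f"0000-0000-{i:04x}")
       for i in range(5)]                                              # CHADDR flood
    + [make_pkt("REQUEST", "GE1/0/2", "00e0-fc00-0001", ciaddr="10.1.1.10")]  # valid renewal
    + [make_pkt("REQUEST", "GE1/0/4", "00e0-fc00-0002", ciaddr="10.1.1.10")]  # forged renewal
)

if __name__ == "__main__":
    counts, alarms = discard_alarms(SAMPLE, threshold=2)
    print(dict(counts), alarms)
```

The forged renewal is dropped but raises no alarm on its own, because one discard does not exceed the threshold.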
