Maximum Rate of DHCP Messages
To prevent DHCP packets being used as DoS attachments when DHCP snooping is
enabled, the snooping application enforces a rate limit for DHCP packets received on
untrusted interfaces. DHCP snooping monitors the receive rate on each interface separately.
If the receive rate exceeds the configured limit, DHCP snooping brings down the interface.
The user must specify "no shutdown" on this interface to further work with that port.
CLI: Configure the Maximum Rate of DHCP Messages
1.
Control the maximum rate of DHCP messages.
(Netgear Switch) (Interface 1/0/2)# ip dhcp snooping limit rate 5
2.
View the rate configured.
(Netgear Switch) #show ip dhcp snooping interfaces 1/0/2
Interface
Trust State
----------
-------------
1/0/2
Web Interface: Configure the Maximum Rate of DHCP
Messages
1.
Select Security > Control > DHCP Snooping > Interface Configuration.
A screen similar to the following displays.
2.
Select the interface, fill in the Rate Limit (pps) field, and then click Apply.
Managed Switches
Rate Limit
(pps)
-------------
No
5
Security Management
Burst Interval
(seconds)
---------------
1
347