Fujitsu PSWITCH 2048T User Manual page 99

User's Guide
To prevent DHCP packets from being used as a DoS attack when DHCP snooping is
enabled, DHCP snooping enforces a rate limit for DHCP packets received on an
interface. DHCP snooping monitors the receive rate on each interface separately. If
the receive rate exceeds a configurable limit, DHCP snooping brings down the
interface.
The DHCP client can be enabled on the network port and the service port, as well
as on host and routing interfaces.
IPv4
DHCPv4 snooping creates a tentative binding from DHCPv4 DISCOVER and REQUEST
messages. Tentative bindings tie a client to a port (the port where the DHCP client
message was received). Tentative bindings are completed when DHCPv4 snooping
learns the client's IP address from a DHCPv4 server on a trusted port.
DHCPv4 snooping removes bindings in response to DECLINE and RELEASE messages from a
DHCPv4 client and NACK messages from a DHCPv4 server. DHCPv4 snooping ignores the
ACK messages sent as replies to DHCP Inform messages received on trusted ports
from DHCPv4 servers.
For RELEASE and DECLINE messages from the DHCPv4 client, DHCPv4 snooping
compares the receive interface and VLAN with the client's interface and VLAN in the
bindings database. If the interfaces do not match, the application drops the
message.
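The following model of the DHCPv4 binding lifecycle described above is an added
example, not code from the manual or the switch firmware. The class and function
names, port names, MAC and IP values are constructed, and the handling of server
messages seen on untrusted ports is an assumption.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Binding:
    port: str
    vlan: int
    ip: Optional[str] = None  # None while the binding is still tentative

class SnoopingTable:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.bindings = {}  # client MAC -> Binding

    def handle(self, msg, mac, port, vlan, ip=None):
        """Apply one DHCPv4 message to the table and return the action taken."""
        b = self.bindings.get(mac)
        if msg in ("DISCOVER", "REQUEST"):
            if b is None:  # tie the client to the port where its message arrived
                self.bindings[mac] = Binding(port, vlan)
                return "tentative"
            return "unchanged"
        if msg in ("RELEASE", "DECLINE"):
            if b is not None and (b.port, b.vlan) != (port, vlan):
                return "drop"  # receive interface/VLAN differs from the binding
            return "removed" if self.bindings.pop(mac, None) else "unchanged"
        if msg in ("ACK", "NACK"):
            # Assumption: server messages seen on untrusted ports never touch the table.
            # An ACK with no binding models the reply to a DHCP Inform (ignored).
            if port not in self.trusted or b is None:
                return "ignored"
            if msg == "NACK":
                del self.bindings[mac]
                return "removed"
            b.ip = ip  # address learned from the server completes the binding
            return "complete"
        return "ignored"

def demo():
    """Constructed sequence: lease, RELEASE from the wrong port, genuine RELEASE."""
    t, mac = SnoopingTable({"0/48"}), "00:11:22:33:44:55"
    return [t.handle("DISCOVER", mac, "0/1", 10),
            t.handle("ACK", mac, "0/7", 10, "192.0.2.99"),  # server reply on untrusted port
            t.handle("ACK", mac, "0/48", 10, "192.0.2.20"),
            t.handle("RELEASE", mac, "0/2", 10),             # wrong receive port
            t.handle("RELEASE", mac, "0/1", 10)], t.bindings

if __name__ == "__main__":
    print(demo())
```

The RELEASE arriving on a port other than the one recorded in the binding is
dropped, so a host on another port cannot tear down a neighbour's binding.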
IPv6
DHCPv6 snooping works only with a stateful DHCPv6 server.
DHCPv6 snooping creates a tentative binding from SOLICIT and REQUEST messages.
Tentative bindings tie a client to a port (the port where the DHCP client message
was received). Tentative bindings are completed when DHCPv6 snooping learns
the client's IP address from a REPLY message from a DHCPv6 server on a trusted
port.
DHCPv6 snooping removes bindings for RELEASE and DECLINE messages from a DHCPv6
client and for a RECONFIGURE message received from a DHCPv6 client. DHCPv6 snooping
ignores REPLY messages that are sent in response to CONFIRM messages received
on trusted ports from DHCPv6 servers.
For DECLINE messages from the DHCPv6 client and RECONFIGURE messages from
the DHCPv6 server, the application compares the receive interface and VLAN with
the client's interface and VLAN in the bindings database. If the interfaces do not
match, the application drops the message.
December/2018
FUJITSU PSWITCH
99

This manual is also suitable for:

Pswitch 4032p, Pswitch 2048p