Table of Contents
Advertisement
The DHCPv6-REQUEST check feature enables the DHCPv6 snooping device to check every
received DHCPv6-RENEW, DHCPv6-DECLINE, or DHCPv6-RELEASE message against DHCPv6
snooping entries.
•
If any criterion in an entry is matched, the device compares the entry with the message
information.
If they are consistent, the device considers the message valid and forwards it to the
DHCPv6 server.
If they are different, the device considers the message forged and discards it.
•
If no matching entry is found, the device forwards the message to the DHCPv6 server.
Procedure
To enable DHCPv6-REQUEST check:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Enable
DHCPv6-REQUEST
check.
Configuring a DHCPv6 packet blocking port
Perform this task to configure a port as a DHCPv6 packet blocking port. The DHCPv6 packet
blocking port drops all incoming DHCP requests.
To configure a DHCPv6 packet blocking port:
Step
1.
Enter system view.
2.
Enter interface view.
3.
Configure the port to block
DHCPv6 requests.
Enabling DHCPv6 snooping logging
The DHCPv6 snooping logging feature enables the DHCPv6 snooping device to generate DHCPv6
snooping logs and send them to the information center. For information about the log destination and
output rule configuration in the information center, see Network Management and Monitoring
Configuration Guide.
As a best practice, disable this feature if the log generation affects the device performance.
To enable DHCPv6 snooping logging:
Step
1.
Enter system view.
2.
Enable DHCPv6 snooping
logging.
Command
system-view
interface interface-type
interface-number
ipv6 dhcp snooping check
request-message
Command
system-view
interface interface-type
interface-number
ipv6 dhcp snooping deny
Command
system-view
ipv6 dhcp snooping log enable
208
Remarks
N/A
N/A
By default, DHCPv6-REQUEST check is
disabled.
Remarks
N/A
N/A
By default, the port does not block
DHCPv6 requests.
Remarks
N/A
By default, DHCPv6 snooping
logging is disabled.
Advertisement
Table of Contents
Troubleshooting
