Table of Contents
Advertisement
set dhcpsnooping log-invalid
Parameters
enable
disable
Defaults
Source MAC address verification is enabled by default.
Mode
Switch command, read‐write.
Usage
When this verification is enabled, the DHCP snooping application compares the source MAC
address contained in valid client messages with the client's hardware address. If there is a
mismatch, DHCP snooping logs the event and drops the packet.
Use the show dhcpsnooping command to display the status (enabled or disabled) of source MAC
address verification for each interface in an enabled VLAN. The show dhcpsnooping statistics
command shows the actual number of MAC verification errors that occurred on untrusted ports.
Example
This example disables source MAC address verification and logging.
C2
(rw)->set dhcpsnooping verify mac-address disable
set dhcpsnooping log-invalid
Use this command to enable or disable logging of invalid DHCP messages on ports.
Syntax
set dhcpsnooping log-invalid port port-string {enable | disable}
Parameters
port port‐string
enable | disable
Defaults
Disabled.
Mode
Switch command, read‐write.
Usage
The DHCP snooping application processes incoming DHCP messages. For DHCPRELEASE and
DHCPDECLINE messages, the application compares the receive interface and VLAN with the
17-8 DHCP Snooping and Dynamic ARP Inspection
Enables verification of the source MAC address in client messages
against the client hardware address.
Disables verification of the source MAC address in client messages
against the client hardware address.
Specifies the port or ports on which to enable or disable logging of
invalid packets.
Enables or disables logging on the specified ports.
Advertisement
Table of Contents
Need help?
Do you have a question about the SecureStack C2 C2G170-24 and is the answer not in the manual?