Configuring Dhcp Packet Rate Limit; Displaying And Maintaining Dhcp Snooping - HP 6125XLG Configuration Manual

compares the entry with the message information. If they are consistent, the message is considered as
valid and forwarded to the DHCP server. If they are different, the message is considered as a forged
message and is discarded. If no matching entry is found, the message is considered valid and forwarded
to the DHCP server.
To enable DHCP-REQUEST check:
Step
1. Enter system view.
2. Enter interface view.
3. Enable DHCP-REQUEST check.

Configuring DHCP packet rate limit

Perform this task to configure the maximum rate at which an interface can receive DHCP packets. This
feature discards exceeding DHCP packets to prevent attacks that send large numbers of DHCP packets.
To configure DHCP packet rate limit:
Step
1. Enter system view.
2. Enter interface view.
3. Configure the maximum rate at
which the interface can receive
DHCP packets.

Displaying and maintaining DHCP snooping

Execute display commands in any view, and reset commands in user view.
Task
Display DHCP snooping entries.
Command
system-view
interface interface-type
interface-number
dhcp snooping check
request-message
Command
system-view
interface interface-type
interface-number
dhcp snooping rate-limit rate
Command
display dhcp snooping binding [ ip
ip-address [ vlan vlan-id ] ]
70
Remarks
N/A
N/A
By default, DHCP-REQUEST check is
disabled.
You can enable DHCP-REQUEST
check only on Ethernet interfaces and
aggregate interfaces.
Remarks
N/A
N/A
By default, incoming DHCP
packets are not rate limited.
You can configure this command
only on Ethernet interfaces and
aggregate interfaces.
If an Ethernet interface belongs to
an aggregation group, it uses the
DHCP packet maximum rate
configured on the corresponding
aggregate interface.
Remarks
Available in any view.