set dhcpsnooping limit

clientʹs interface and VLAN in the bindings database. If the interfaces do not match, the application logs the event if logging has been enabled.

Use the show dhcpsnooping command to display the status (enabled or disabled) of logging invalid packets for each interface in an enabled VLAN. The show dhcpsnooping statistics command shows the actual number of server messages received on untrusted ports.

Example

This example enables logging of invalid DHCP messages on port ge.1.1 and then displays the DHCP configuration settings.

C3(rw)->set dhcpsnooping log invalid port ge.1.1 enable

C3(su)->show dhcpsnooping

DHCP snooping is Disabled

DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs: 3

Interface

Trusted

Log Invalid Pkts

-----------

----------

----------------

ge.1.1

No

Yes

ge.1.2

No

No

ge.1.3

Yes

No

set dhcpsnooping limit

Use this command to configure rate limiting parameters for incoming DHCP packets on a port or ports.

Syntax

set dhcpsnooping limit port-string{none rate pps {burst interval secs]}

Parameters

port‐string

Specifies the port or ports to which to apply these rate limiting

 

parameters.

 

 

none

Configures no limit on incoming DHCP packets.

 

 

rate pps

Specifies a rate limit in packets per second. The value of pps can range

 

from 0 to 100 packets per second.

 

 

burst interval secs

Specifies a burst interval in seconds. The value of secs can range from 1

 

to 15 seconds.

 

 

Defaults

Rate = 15 packets per second

Burst Interval = 1 second

Mode

Switch command, read‐write.

SecureStack C3 Configuration Guide 17-9

Page 519
Image 519
Enterasys Networks 9034313-07 manual Set dhcpsnooping limit, None, Rate pps, Burst interval secs