Netgear M5300-28G-POE+ (GSM7228PSv1h2) - 12-Port Managed Gigabit Switch Ratgeber Für Administratoren
Security Management
396
Managed Switches
Maximum Rate of DHCP Messages
To prevent DHCP packets being used as DoS attachments when DHCP snooping is enabled,
the snooping application enforces a rate limit for DHCP packets received on untrusted
interfaces. DHCP snooping monitors the receive rate on each interface separately. If the
receive rate exceeds the configured limit, DHCP snooping brings down the interface. The
user must specify “no shutdown” on this interface to further work with that port.
the snooping application enforces a rate limit for DHCP packets received on untrusted
interfaces. DHCP snooping monitors the receive rate on each interface separately. If the
receive rate exceeds the configured limit, DHCP snooping brings down the interface. The
user must specify “no shutdown” on this interface to further work with that port.
CLI: Configure the Maximum Rate of DHCP Messages
1.
Control the maximum rate of DHCP messages.
(Netgear Switch) (Interface 1/0/2)# ip dhcp snooping limit rate 5
2.
View the rate configured.
(GSM7328S) #show ip dhcp snooping interfaces 1/0/2
Interface Trust State Rate Limit Burst Interval
(pps) (seconds)
---------- ------------- ------------- ---------------
1/0/2 No 5 1
Web Interface: Configure the Maximum Rate of DHCP
Messages
Messages
1.
Select Security > Control > DHCP Snooping > Interface Configuration.
A screen similar to the following displays.
2.
Select the interface, fill in the Rate Limit (pps) field, and then click Apply.