beautypg.com

Ip dhcp snooping violation, Security violations, Ip dhcp snooping violation {log|trap – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1460: Link-down, Ip dhcp snooping

background image

DHCP Snooping Commands

Software Reference for x310 Series Switches

56.22

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

ip dhcp snooping violation

Use this command to specify the action the switch will take when it detects a DHCP
snooping violation by a DHCP packet on the ports.

Use the no variant of this command to disable the specified violation actions, or all
violation actions.

Syntax

ip dhcp snooping violation {log|trap|link-down} ...

no ip dhcp snooping violation [{log|trap|link-down} ...]

Default

By default, DHCP packets that violate DHCP snooping are dropped, but no other violation
action is taken.

Mode

Interface Configuration (port)

Usage

If a port has been shut down in response to a violation, to bring it back up again after any
issues have been resolved, use the

no shutdown command on page 12.14

.

IP packets dropped by DHCP snooping filters do not result in other DHCP snooping
violation actions.

Example

To set the switch to send an SNMP notification and set the link status to link-down if it
detects a DHCP snooping violation on switch ports 1.0.1 to 1.0.4, use the commands:

Related Commands

show ip dhcp snooping interface
show log
snmp-server enable trap

Parameter

Description

log

Generate a log message. To display these messages, use the

show log

command on page 10.37

.

Default: disabled.

trap

Generate an SNMP notification (trap). To send SNMP notifications,
SNMP must also be configured, and DHCP snooping notifications
must be enabled using the

snmp-server enable trap command on

page 68.16

.

Notifications are limited to one per second and to one per source
MAC and violation reason.

Default: disabled.

link-down

Set the port status to link-down.

Default: disabled.

awplus#

configure terminal

awplus(config)#

snmp-server enable trap dhcpsnooping

awplus(config)#

interface port1.0.1-port1.0.4

awplus(config-if)#

ip dhcp snooping violation trap link-down

See also other documents in the category Allied Telesis Computer hardware: