Dhcp snooping – NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual
Page 739
•
Recovery Mode: Enable of disable this option for unicast traffic:
-
Enable: If unicast traffic exceeds the configured threshold, the port discards
the unicast traffic. The default is Enable.
-
Disable: If unicast traffic exceeds the configured threshold, unicast is not
discarded.
•
Recovery Level Type: Specify the recovery level in the Recovery Level field as
a percentage of the port link speed or as packets per second:
-
Percent: The recovery level is expressed as a percentage of link speed.
-
pps: The recovery level is expressed as a packets per second (pps).
•
Recovery Level: Specify the threshold at which unicast storm control is activated.
By default, the recovery level is 5 percent of the port link speed of 5 pps.
•
Control Action: Specify one of the following actions:
-
None: No further action is taken. This is the default setting.
-
Trap: If unicast traffic exceeds the configured threshold, a trap is sent.
-
Shutdown: If unicast traffic exceeds the configured threshold, the port is shut
down.
11. Click the Apply button.
Your settings are saved.
12. To save the settings to the running configuration, click the Save icon.
DHCP snooping
DHCP snooping is a feature that provides security by filtering untrusted DHCP messages
and by building and maintaining a DHCP snooping binding table. An untrusted message
is a message that is received from outside the network or firewall and that can cause
traffic attacks within your network. The DHCP snooping binding table contains the MAC
address, IP address, lease time, binding type, VLAN number, and interface information
that corresponds to the local untrusted interfaces of a switch. An untrusted interface is
an interface that is configured to receive messages from outside the network or firewall.
A trusted interface is an interface that is configured to receive only messages from within
the network.
DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. It also
provides way to differentiate between untrusted interfaces connected to the end user
and trusted interfaces connected to the DHCP server or another switch.
Main User Manual
739
Manage Switch Security
Fully Managed Switches M4350 Series Main User Manual