Dhcpv6 snooping – NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual
Page 747
6. Select whether to display physical interfaces, LAGs, or both by clicking one of the
following links above the table heading:
•
1 or Unit ID for a stacked switch:
-
1: If no switch stack is configured, the physical interfaces for the switch are
displayed.
-
Unit ID for a stacked switch: If a switch stack is configured, the physical
interfaces for the switch with the selected stack unit ID are displayed.
•
LAG: Only LAGs are displayed.
•
All: Both physical interfaces and LAGs are displayed, or for a switch stack, both
physical interfaces on all switches in the stack and LAGs are displayed.
7. Click the Clear button to clear all interfaces statistics.
8. To save the settings to the running configuration, click the Save icon.
The following table describes the DHCP snooping statistics.
Table 170. DHCP Snooping Statistics information
Description
Field
The number of DHCP messages that were dropped because the source MAC address
and client hardware address did not match. MAC address verification is performed
only if it is globally enabled.
MAC Verify Failures
The number of packets that were dropped by DHCP snooping because the interface
and VLAN on which the packet was received do not match the client’s interface and
VLAN information stored in the binding database.
Client Ifc Mismatch
The number of DHCP server messages that were dropped on an untrusted port.
DHCP Server Msgs
DHCPv6 snooping
DHCPv6 snooping is a feature that provides security by filtering untrusted DHCPv6
messages and by building and maintaining a DHCPv6 snooping binding table. An
untrusted message is a message that is received from outside the network or firewall
and that can cause traffic attacks within your network. The DHCPv6 snooping binding
table contains the MAC address, IP address, lease time, binding type, VLAN number,
and interface information that corresponds to the local untrusted interfaces of a switch.
An untrusted interface is an interface that is configured to receive messages from outside
the network or firewall. A trusted interface is an interface that is configured to receive
only messages from within the network.
DHCPv6 snooping acts like a firewall between untrusted hosts and DHCPv6 servers. It
also provides way to differentiate between untrusted interfaces connected to the end
user and trusted interfaces connected to the DHCPv6 server or another switch.
Main User Manual
747
Manage Switch Security
Fully Managed Switches M4350 Series Main User Manual