DHCP Snooping Rate-Limiting

DHCP snooping can limit the rate at which DHCP messages are allowed to enter an interface.

If the rate of DHCP messages crosses the configured limit, the interface is err-disabled.

Like with Port Security, the interface can be manually re-enabled, or automatically re-enabled with errdisable recovery.

Rate-limiting can be very useful to protect against DHCP exhaustion attacks.

PreviousDHCP Snooping OperationsNextDHCP Option 82 (Information Option)

Last updated