DHCP snooping can limit the rate at which DHCP messages are allowed to enter an interface.
If the rate of DHCP messages crosses the configured limit, the interface is err-disabled.
Like with Port Security, the interface can be manually re-enabled, or automatically re-enabled with errdisable recovery.
Rate-limiting can be very useful to protect against DHCP exhaustion attacks.
Last updated 2 years ago
