DHCP Snooping
Policy > ARP Defense > DHCP Snooping
You can enable the DHCP Snooping function on the selected interfaces to prevent from DHCP server spoofing attacks and exhausting all the IP address resources.
In the DHCP Snooping page, you can perform the following actions:
- Click DHCP Snooping Configuration to enable/disable the DHCP Snooping function on the selected interfaces/ports and configure other parameters.
- Click Delete to delete the selected DHCP snooping entries.
Options in the DHCP Snooping Configuration dialog:
| Option |
Description |
| Interface |
| Enable/Disable |
Enable/disable the DHCP Snooping function on the selected interfaces.
|
| Port |
| Edit |
Configure options for DHCP snooping:
- Rate: Specify the number of DHCP packets received per second on the interface. If the number exceeds the specified value, the system will drop the excessive DHCP packets. The value range is 0 to 10000. The default value is 0, i.e., no rate limit.
- Drop: If the DHCP Request checkbox is selected, the system will drop all the request packets sent by the client to the server; if the DHCP Response checkbox is selected, the system will drop all the response packets returned by the server to the client.
|
| Enable/Disable |
Enable/disable the DHCP Snooping function on the selected ports.
|