9 ip dhcp snooping action maxnum, Ip dhcp snooping action – PLANET WGSW-52040 User Manual

33-67

Function:

Set or delete the automatic defense action of a port.

Parameters:

shutdown: When the port detects a fake DHCP Server, it will be shutdown.

blackhole: When the port detects a fake DHCP Server, the vid and source MAC of the fake packet will be used to

block the traffic from this MAC.

recovery: Users can set to recover after the automatic defense action being executed.(no shut ports or delete

correponding blackhole）.

second: Users can set how long after the execution of defense action to recover. The unit is second, and valid range

is 10-3600.

Command Mode:

Port mode

Default Settings:

No default defense action.

Usage Guide:

Only when DHCP Snooping is globally enabled, can this command be set. Trusted port will not detect fake DHCP

Server, so, will never trigger the corresponding defense action. When a port turns into a trusted port from a

non-trusted port, the original defense action of the port will be automatically deleted.

Example:

Set the DHCP Snooping defense action of port ethernet1/1 as setting blackhole, and the recovery time is 30

seconds.

switch(config)#interface ethernet 1/1

switch(Config-Ethernet1/1)#ip dhcp snooping action blackhole recovery 30

33.9 ip dhcp snooping action MaxNum

Command:

ip dhcp snooping action {<maxNum>|default}

Function:

Set the number of defense action that can be simultaneously took effect.