mac
314
defense action of the port will be automatically deleted.
Example: Set the DHCP Snooping defense action of port ethernet1/1 as setting blackhole,
and the recovery time is 30 seconds.
switch(config)#interface ethernet 1/1
switch(Config-Ethernet1/1)#ip dhcp snooping action blackhole recovery 30
19.9 ip dhcp snooping action MaxNum
Command: ip dhcp snooping action {<maxNum>|default}
Function: Set the number of defense action that can be simultaneously took effect.
Parameters: <maxNum>: the number of defense action on each port, the range of which
is 1-200, and the value of which is 10 by default.
default: recover to the default value.
Command Mode: Globe mode
Default Settings: The default value is 10.
Usage Guide: Set the max number of defense actions to avoid the resource exhaustion
of the switch caused by attacks. If the number of alarm information is larger than the set
value, then the earliest defense action will be recovered forcibly in order to send new
defense actions.
Example: Set the number of port defense actions as 100.
switch(config)#ip dhcp snooping action 100
19.10 ip dhcp snooping binding
Command: ip dhcp snooping binding enable
no ip dhcp snooping binding enable
Function: Enable the DHCP Snooping binding funciton
Parameters: None.
Command Mode: Globe mode
Default Settings: DHCP Snooping binding is disabled by default.
Usage Guide: When the function is enabled, it will record the binding information
allocated by DHCP Server of all trusted ports. Only after the DHCP SNOOPING function
is enabled, the binding function can be enabled.
Example: Enable the DHCP Snooping binding funciton.
switch(config)#ip dhcp snooping binding enable