Possible Cause 1 |
Multiple DHCP servers are deployed on the network. |
|---|---|
Verification |
Determine whether the expected DHCP server allocates network parameters. |
Solution |
Configure DHCP snooping on the client. This configuration ensures that the client receives DHCP messages from only the trusted DHCP server. For details, see "Inserting the Option 82 Field in a DHCP Message" in S2720, S5700, and S6700 V200R019C10 Configuration Guide - Security. |
Possible Cause 2 |
Broadcast traffic suppression is configured and DHCP Discover messages exceeding the specified threshold are discarded. |
|---|---|
Verification |
Check whether broadcast traffic suppression is configured between the DHCP server and client. Run:display flow-suppression interface |
Solution |
Adjust the broadcast traffic suppression threshold. Run:broadcast-suppression |
Possible Cause 3 |
The network is under attack. |
|---|---|
Verification |
Check statistics about packets sent to the DHCP server's CPU and determine the MAC address at the source of the attack. Run:display cpu-defend statistics
|
Solution |
Add the MAC address at the source of the attack to the blacklist. For details, see "Configuring CPU Attack Defense" in S2720, S5700, and S6700 V200R019C10 Configuration Guide - Security - Local Attack Defense Configuration. |
Possible Cause 4 |
STP is enabled on the DHCP server or relay agent. |
|---|---|
Verification |
Check whether STP is enabled. Run:display stp
|
Solution |
To disable STP, run:undo stp enable
|