Mechanism
On a DHCP network, if a large number of DHCP messages are sent to the device within a short period of time, device performance may deteriorate, preventing the device from working properly. This kind of attack is known as a DHCP flood attack.
Solution
To prevent DHCP flood attacks, enable DHCP snooping and enable the device to check the rate at which DHCP messages are sent to the processing unit. The device then limits the rate at which it sends DHCP messages to the processing unit and discards those that exceed the rate.