The dhcp snooping check enable alarm enable command enables the DHCP packet check and alarm function.
By default, the DHCP packet check and alarm function is disabled.
dhcp snooping check { dhcp-request | dhcp-chaddr | dhcp-giaddr } enable alarm { user-bind | mac-address | untrust-reply } { enable | [ enable ] threshold threshold }
| Parameter | Description | Value |
|---|---|---|
| dhcp-request | Matches DHCP packets with entries in the binding table. |
- |
| dhcp-chaddr | Checks whether the MAC address and CHADDR field in DHCP packets are consistent. |
- |
| dhcp-giaddr | Checks whether the GIADDR field in DHCP packets is not zero. |
- |
| user-bind | Generates an alarm when the number of DHCP packets discarded because they do not match DHCP snooping binding entries reaches the threshold. |
- |
| mac-address | Generates an alarm when the number of DHCP packets discarded because the CHADDR field in the DHCP packet does not match the source MAC address in the Ethernet frame header reaches the threshold. |
- |
| untrust-reply | Generates an alarm when the number of DHCP Reply packets discarded by untrusted interfaces reaches the threshold. |
- |
| threshold threshold | Specifies the alarm threshold. When the number of discarded DHCP packets reaches the threshold, an alarm is generated. |
The value is an integer that ranges from 1 to 1000. |
This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade. This function equals to the combination of the dhcp snooping check dhcp-giaddr enable, dhcp snooping check dhcp-chaddr enable, dhcp snooping check dhcp-request enable, and dhcp snooping alarm { dhcp-request | dhcp-chaddr | dhcp-reply } threshold threshold commands.