< Home

dhcp snooping max-user-number

Function

The dhcp snooping max-user-number command sets the maximum number of DHCP snooping binding entries to be learned on an interface.

The undo dhcp snooping max-user-number command restores the default maximum number of DHCP snooping binding entries to be learned on an interface.

By default, the maximum number of DHCP snooping binding entries that can be learned on an interface is 512 for S2720-EI, 2048 for S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5720I-SI, S5720S-SI, S5730-SI, S5730S-EI, S6720-LI, S6720S-LI, S6720-SI, and S6720S-SI, and 8192 for other models.

Format

In the system view:

dhcp snooping max-user-number max-user-number [ vlan { vlan-id1 [ to vlan-id2 ] } &<1-10> ]

undo dhcp snooping max-user-number [ vlan { vlan-id1 [ to vlan-id2 ] } &<1-10> ]

In the VLAN view and interface view:

dhcp snooping max-user-number max-user-number

undo dhcp snooping max-user-number

Parameters

Parameter

Description

Value

max-user-number

Specifies the maximum number of DHCP snooping binding entries that can be learned on an interface.

The value is an integer that ranges from 1 to 512 for S2720-EI, from 1 to 2048 for S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5720I-SI, S5720S-SI, S5730-SI, S5730S-EI, S6720-LI, S6720S-LI, S6720-SI and S6720S-SI, and from 1 to 8192 for other models.

NOTE:

If the maximum number of DHCP snooping binding entries to be learned by interfaces is N in the system or VLAN view, for a stack, the value in system view and VLAN view ranges from 1 to N * Number of stacked devices. That is, by default, a maximum of N * Number of stacked devices DHCP users are allowed to access the entire device or VLAN. A stack consisting of S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5720I-SI, S5720S-SI, S5730-SI, S5730S-EI, S6720-LI, S6720S-LI, S6720-SI, S6720S-SI, S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731S-H, S5731-S, S5731S-S, S6720-EI, S5732-H, S6730-H, S6730S-H, S6730-S, S6730S-S, S6720-HI, and S6720S-EI can learn a maximum of 9216 DHCP snooping binding entries. For example, when two S5720-HI switches set up a stack, the stack can learn a maximum of 8192 DHCP snooping binding entries globally and in VLANs by default. When three S5720-HI switches set up a stack, the stack can learn a maximum of 9216 DHCP snooping binding entries globally and in VLANs by default.

vlan { vlan-id1 [ to vlan-id2 ] }
Specifies the maximum number of DHCP snooping binding entries can be learned in a VLAN.
  • vlan-id1 specifies the first VLAN ID.
  • to vlan-id2 specifies the last VLAN ID. vlan-id2 must be larger than vlan-id1.

The value is an integer that ranges from 1 to 4094.

Views

System view, VLAN view, Ethernet interface view, GE interface view, XGE interface view, 25GE interface view, MultiGE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The dhcp snooping max-user-number command sets the maximum number of DHCP snooping binding entries to be learned on an interface. If the number of DHCP snooping binding entries reaches the maximum value, subsequent users cannot access.

When the command is executed in the system view, the value specified in this command is the total number of DHCP snooping binding entries to be learned by all interfaces on the device. If you run the dhcp snooping max-user-number command in the VLAN view, the command takes effect on all the interfaces in the VLAN. If you run the dhcp snooping max-user-number command in the system view, VLAN view, and the interface view, the smallest value takes effect.

Prerequisites

DHCP snooping has been enabled on the device using the dhcp snooping enable command.

Precautions

The maximum number of DHCP snooping binding entries to be learned in a stack environment will still be valid if the stack is split. For example, the maximum number of DHCP snooping binding entries to be learned by interfaces is set to N in the system or VLAN view. After the stack splits, run the display dhcp snooping command. You will find that the maximum number of entries learned by interfaces in the system or VLAN view is still N (even if N is greater than the maximum number (M) of entries supported by a stand-along device). Pay attention to the following points:
  • For the users requiring to go online: The users are allowed to go online when the number of binding entries on the device is smaller than M, and not allowed to go online when the number of binding entries on the device is equivalent to or larger than M.
  • For online users: The users are kept online no matter whether the number of binding entries on the device is larger than M. However, if the number of binding entries is larger than M, the users cannot go online again after they go offline.
  • Binding entries that have been backed up: After the device restarts, all binding entries on the device can be restored no matter whether the number of binding entries is smaller than M, and the users matching these binding entries can go online.

Example

# Set the maximum number of DHCP users to 100 on GE0/0/1.

<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp snooping enable
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] dhcp snooping enable
[HUAWEI-GigabitEthernet0/0/1] dhcp snooping max-user-number 100

# Set the maximum number of DHCP users in VLAN 100 to 100.

<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp snooping enable
[HUAWEI] vlan 100
[HUAWEI-vlan100] dhcp snooping enable
[HUAWEI-vlan100] dhcp snooping max-user-number 100
Parent Topic: DHCP Snooping Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >