The dhcpv6 snooping alarm enable command enables dropped packets alarm.
The undo dhcpv6 snooping alarm enable command disables dropped packets alarm.
The dhcpv6 snooping alarm threshold command configures an alarm threshold for the number of dropped packets in the interface.
The undo dhcpv6 snooping alarm threshold command restores the default setting.
By default:
- The function of dropped packets alarm is disabled.
- The alarm threshold for the number of dropped packets in the interface is a global alarm threshold (which is 100 by default and can be configured manually).
100GE interface view, 10GE interface view, 25GE interface view, 400GE interface view, 40GE interface view, 50GE interface view, Eth-Trunk interface view, FlexE sub-interface view, FlexE interface view, GE optical interface view, GE interface view, GE electrical interface view, Global VE sub-interface view, VE sub-interface view, Sub-interface view
Usage Scenario
In DHCPv6 applications, configure the packet alarm function as follows:
If IPv6/MAC spoofing attacks exists and IPv6 packet check is configured, you can configure the IPv6 packet alarm function. When the number of discarded IPv6 packets exceeds a specified alarm threshold, the system generates an alarm and notifies the NMS of the alarm.Prerequisites
The dhcpv6 snooping enable command to enable DHCPv6 snooping globally.
Precautions
After the trap function is enabled for discarded packets on an interface, if the interface threshold is not configured, the global threshold is used. If the interface threshold is configured, the interface threshold is preferentially used.