I was watching your Layer 2 attack mitigation session and you discussed setting a DHCP snooping rate to 10. You said after 10 tries, there are no more DHCP messages allowed. When you ran the Show DHCP Snooping command, the rate of 10 was for Packets per Second (PPS). Does the limit of 10 reset every second? I would think you could still starve a DHCP with 600 requests in a minute. If the requests really stop at 10 for good, how do you reset the port?
-
Solved DHCP Snooping Rate
-
@scott-maser said in DHCP Snooping Rate:
I was watching your Layer 2 attack mitigation session and you discussed setting a DHCP snooping rate to 10. You said after 10 tries, there are no more DHCP messages allowed. When you ran the Show DHCP Snooping command, the rate of 10 was for Packets per Second (PPS). Does the limit of 10 reset every second? I would think you could still starve a DHCP with 600 requests in a minute. If the requests really stop at 10 for good, how do you reset the port?
Great question!
The key here is understanding what is meant by "pps." I'm inferring from your question that you're thinking the entire DORA = a packet. But change that thought for a moment. The DORA process is actually 4 separate packets. So per second, the max addresses you will end up consuming is about 2 if you set it to 10 pps.
Hope this helps!
Cordially,
Ronnie Wong
Edutainer Manager, ACI Learning [ITPRO]
*if the post has answered the question, mark as solved.
**All "answers" and responses are offered "as is" and my opinion. There is no implied service, support, or guarantee by ITProTV.
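Added illustration, not part of the thread above and not Cisco's code: a small Python model of what a per-port, per-second DHCP packet limit does. It assumes the switch counts the DHCP packets it receives on an untrusted port within each one-second interval (the count starts over every second), that the first packet to push the count over the limit err-disables the port so that everything after it is dropped, and that the port stays down until an operator or errdisable recovery brings it back. Class, function and constant names are the example's own.

```python
"""Per-port DHCP snooping rate limit, modelled in Python (constructed example)."""
import math
from collections import defaultdict

# Full DORA exchange, and the part of it the client sends toward the server.
# Only the client's packets arrive on the client's (untrusted) port.
DORA = ("DISCOVER", "OFFER", "REQUEST", "ACK")
CLIENT_MSGS = ("DISCOVER", "REQUEST")


class SnoopedPort:
    """One untrusted port with 'ip dhcp snooping limit rate <limit_pps>' (modelled)."""

    def __init__(self, limit_pps):
        self.limit_pps = limit_pps
        self.errdisabled = False
        self.per_second = defaultdict(int)  # interval index -> packets counted in it
        self.forwarded = 0
        self.dropped = 0

    def receive(self, ts):
        """Offer one inbound DHCP packet at time ts (seconds); True if forwarded."""
        if self.errdisabled:
            self.dropped += 1
            return False
        interval = math.floor(ts)  # the counter is per one-second interval
        self.per_second[interval] += 1
        if self.per_second[interval] > self.limit_pps:
            self.errdisabled = True  # port is taken down, not merely throttled
            self.dropped += 1
            return False
        self.forwarded += 1
        return True

    def recover(self):
        """What 'shutdown' / 'no shutdown' or errdisable recovery does to the port."""
        self.errdisabled = False


def replay(timestamps, limit_pps):
    """Run a list of inbound DHCP packet timestamps through one port."""
    port = SnoopedPort(limit_pps)
    for ts in timestamps:
        port.receive(ts)
    return port


def exchanges_per_second(limit_pps, counted_per_exchange):
    """How many complete lease exchanges fit under the limit in one second."""
    return limit_pps // counted_per_exchange


def steady_flood(pps, seconds):
    """Attacker sending exactly pps DISCOVERs per second, evenly spaced (constructed)."""
    return [s + i / pps for s in range(seconds) for i in range(pps)]


def burst(count, at=0.0):
    """Attacker sending `count` DISCOVERs inside one one-second interval (constructed)."""
    return [at + i * 0.001 for i in range(count)]


if __name__ == "__main__":
    p = replay(steady_flood(10, 60), limit_pps=10)
    print("600 packets at 10 pps for 60 s:", p.forwarded, "forwarded, errdisabled =", p.errdisabled)
    p = replay(burst(11), limit_pps=10)
    print("11 packets in one second:", p.forwarded, "forwarded, errdisabled =", p.errdisabled)
    print("exchanges/s if all 4 DORA packets counted:", exchanges_per_second(10, len(DORA)))
    print("exchanges/s if only client packets counted:", exchanges_per_second(10, len(CLIENT_MSGS)))
```

Two things fall out of running it. First, 600 DISCOVERs spread evenly over a minute is exactly 10 per second, which never exceeds a limit of 10, so every one of them is forwarded: the limit bounds the rate, it does not stop a slow, steady flood, which is what the question suspected. Second, 11 packets inside a single second err-disables the port, and from then on nothing is forwarded until it is re-enabled; on Cisco IOS that means `shutdown` followed by `no shutdown` on the interface, or letting `errdisable recovery cause dhcp-rate-limit` (with `errdisable recovery interval <seconds>`) bring it back. One counting caveat: the IOS `ip dhcp snooping limit rate` command limits DHCP packets the interface receives, and on a client port only the client's DISCOVER and REQUEST arrive inbound (OFFER and ACK come back from the trusted server-side port), so the example computes both 10 // 4 = 2 and 10 // 2 = 5 exchanges per second.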