Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How Do I Defend Against Bogus DHCP Servers at the User Side?
If a bogus DHCP server is deployed on a customer network, STAs may obtain invalid IP addresses from the bogus DHCP server but not from the AC, AP or authorized DHCP server.
To defend against bogus DHCP servers, disable the DHCP trusted port on an AP in service set view (V200R005 and earlier versions) or VAP profile view (V200R006 and later versions) . A DHCP server sends three types of DHCP packets: Offer, ACK, and NACK. When the AP receives any of these DHCP packets from a user-side interface, it considers the packet sender as a bogus DHCP server. The AP then discards the packets and reports the event to the AC over the CAPWAP tunnel.