No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Configuration Guide - Security

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of Security, including ACL, local attack defense, MFF, attack defense, traffic suppression and storm control, ARP security, Port security, DHCP snooping, ND snooping, PPPoE+, IPSG, SAVI, separating the management plane from the service plane, security risks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Defense Against DHCP Flood Attacks

Defense Against DHCP Flood Attacks


On a DHCP network, if an attacker sends a large number of DHCP messages to the device within a short time, device performance may deteriorate and the device may fail to work properly. This attack is called a DHCP flood attack.


To prevent DHCP flood attacks, enable DHCP snooping and enable the device to check the rate of sending DHCP messages to the processing unit. The device then sends only DHCP messages within a specified rate to the processing unit and discards those that exceed the rate.

Updated: 2019-04-20

Document ID: EDOC1100074765

Views: 28701

Downloads: 97

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next