(Optional) Configuring the DHCPv6 Message Rate Limit and Alarm Function of DHCPv6 Messages Discarded
Context
To prevent clients from sending a large number of messages to attack the device, the device limits the rate of DHCPv6 messages.
After rate limit of DHCPv6 messages is enabled, the DHCPv6 messages are discarded when the rate threshold is exceeded. After the alarm function of DHCPv6 messages discarded is enabled, the device sends alarms when the number of discarded DHCPv6 messages exceeds the threshold.
Procedure
- Run system-view
The system view is displayed.
- Run dhcpv6 packet-rate packet-rate
Rate limit of DHCPv6 packets is enabled and the rate threshold is configured.
By default, rate limit of DHCPv6 messages is disabled on the RouterIndustrial Switch Router.
- Run dhcpv6
packet-rate drop-alarm enable
The alarm function of DHCPv6 messages discarded is enabled on the device.
By default, the alarm function of DHCPv6 messages discarded is disabled.
- Run dhcpv6
packet-rate drop-alarm threshold threshold
An alarm threshold for the number of discarded DHCPv6 messages when the DHCPv6 message rate exceeds the rate threshold is set.
By default, the alarm threshold is 100 when the alarm function of DHCPv6 messages discarded is enabled.