SupportDocumentationRoutersService RoutersME60Configuration & CommissioningConfiguration Guide

ME60 V800R023C10SPC500 Configuration Guide

Setting the Maximum Number of DHCP Clients

Setting the Maximum Number of DHCP Clients

The maximum number of Dynamic Host Configuration Protocol (DHCP) clients that log in from an interface can be specified.

Usage Scenario

After the number of login clients reaches the maximum number, no client can obtain IP address. To prevent malicious IP address application, configure the maximum number of DHCP clients.

In the VXLAN scenario, the maximum number for the entire system must be greater than or equal to the sum of maximum number for all BDs.

When the number of login users on a DHCP snooping device reaches the maximum number, check whether the IP address of DHCP ACK packets exists in the binding entries and determine whether the login users are new ones. In this case, you can configure the MAC address strict check function. DHCP snooping can determine whether the users are new ones by checking the MAC addresses of the DHCP Discover packets sent by them. If the MAC address of a user does not exist in DHCP snooping binding entries, the user is not allowed to go online, and packets are not sent to the DHCP server. In this manner, the DHCP server is not affected by unauthorized users.

Pre-configuration Tasks

Before you set the maximum number of DHCP clients, configure DHCP snooping and trusted interfaces.

Procedure

  • Configure the maximum number of DHCP clients for a VLAN.
    1. Run system-view

      The system view is displayed.

    2. (Optional) Run dhcp snooping strict-check mac-address

      DHCP snooping is enabled to strictly check the MAC addresses of login users.

    3. Run vlan vlan-id

      The VLAN view is displayed.

    4. Run dhcp snooping max-user-number max-user-number [ interface interface-type interface-number ]

      The maximum number of DHCP clients is configured for the VLAN.

    5. (Optional) Run dhcp snooping alarm user-limit enable [ interface interface-type interface-number ]

      The alarm function for discarded DHCP packets because the maximum number of DHCP clients is reached is enabled for the VLAN.

    6. (Optional) Run dhcp snooping alarm user-limit threshold threshold [ interface interface-type interface-number ]

      The maximum number of DHCP clients is configured for the VLAN.

    7. Run commit

      The configuration is committed.

  • Configure the maximum number of DHCP clients for an interface.
    1. Run system-view

      The system view is displayed.

    2. (Optional) Run dhcp snooping strict-check mac-address

      DHCP snooping is enabled to strictly check the MAC addresses of login users.

    3. Run interface interface-type interface-number

      The interface view is displayed.

    4. Run dhcp snooping max-user-number max-user-number

      The maximum number of DHCP clients is configured for the interface.

    5. (Optional) Run dhcp snooping alarm user-limit enable

      The alarm function for discarded DHCP packets because the maximum number of DHCP clients is reached is enabled for the interface.

    6. (Optional) Run dhcp snooping alarm user-limit threshold threshold-value

      The maximum number of DHCP clients is configured for the interface.

    7. Run commit

      The configuration is committed.

  • Configure the maximum number of DHCP clients for a BD.
    1. Run system-view

      The system view is displayed.

    2. Run bridge-domain bd-id

      The BD view is displayed.

    3. Run dhcp snooping max-user-number max-user-number

      The maximum number of DHCP clients is configured for the BD.

    4. Run commit

      The configuration is committed.

Result

Run the display dhcp snooping { interface interface-type interface-number | vlan vlan-id [ interface interface-type interface-number ] | bridge-domain bd-id } command to check the maximum number of DHCP clients.