DHCP_1.3.6.1.4.1.2011.5.25.112.2.4 hwUntrustedReplyPktAlarm

Description

DHCP/1/REPLYTRAP:OID [OID] The number of the discarded DHCP reply packets on the untrusted interface exceeds the threshold. (IfIndex=[INTEGER], VlanIndex=[INTEGER], Interface=[OCTET], VlanID=[INTEGER], DiscardedNumber=[INTEGER])

The number of DHCP Reply packets discarded on the untrusted interface exceeded the threshold.

Attribute

Alarm ID Alarm Severity Alarm Type
1.3.6.1.4.1.2011.5.25.112.2.4 Critical equipmentAlarm(5)

Parameters

Name Meaning
OID Indicates the MIB object ID of the alarm.
IfIndex Indicates the interface index.
VlanIndex Indicates the VLAN index.
Interface Indicates the interface name.
VlanID Indicates the VLAN ID.
DiscardedNumber Indicates the number of discarded packets.

Impact on the System

Invalid DHCP packets are discarded.

Possible Causes

Bogus DHCP server attacks occurred.

Procedure

  1. Capture packets on the interface to check whether a bogus DHCP server attack occurs on this interface.

    • Check whether the DHCP server address in the received DHCP Reply packet is the specified server address. If not, the DHCP server is a bogus server. Because the invalid DHCP packets have been discarded, no action is required.
    • If the DHCP server is a valid server and needs to be used, run the dhcp snooping trusted command on the interface to configure it as a trusted interface.

Related Information

None.

Parent topic: DHCP
Copyright © Huawei Technologies Co., Ltd.