ALM-3276800474 The number of DHCPv6 Request messages that were discarded on an interface because they did not match the binding entries exceeded the threshold

Description

DHCP/1/DHCPV6REQUESTTRAP:OID [OID] The number of the discarded DHCPv6 request packets that do not match the binding table exceeds the threshold on the interface. (Interface=[OCTET], VlanID=[INTEGER], BdID=[INTEGER], LastDroppedSourceMac=[OCTET], DiscardedNumber=[INTEGER])

The number of DHCPv6 Request messages that were discarded on an interface because they did not match the binding entries exceeded the threshold.

Attribute

Parameters

Impact on the System

Invalid DHCPv6 Request messages are discarded.

Possible Causes

Attacks from bogus DHCPv6 users were received.

Procedure

1. Run the display dhcpv6 snooping user-bind command to check information about DHCPv6 snooping binding entries on the interface and determine the interface or VLAN from which the user goes online based on the source MAC address of the last discarded message.

2. Obtain the DHCPv6 Request messages received on the interface or in the VLAN using the port mirroring method.

   • If a user connected to the interface sends a large number of DHCPv6 Request messages that do not match the binding entries, the user is an unauthorized user and the sent messages are attack messages. The device discards the attack messages. Check the attack source based on the user's IPv6 address or MAC address.

   • If users connected to the interface do not send a large number of DHCPv6 Request messages that do not match the binding entries, the messages sent by the users are not attack messages. To ensure that the users pass the check, cancel the dhcp snooping check dhcp-request enable command configuration on the interface.

Related Information

None