Login
- Table of Contents
-
- 08-Layer 3 - IP Services
- 01-HH3C-ARP-RATELIMIT-MIB
- 02-HH3C-ARP-SUPPRESSION-MIB
- 03-HH3C-ARP-TRAP-MIB
- 04-HH3C-BPA-MIB
- 05-HH3C-DHCP-SNOOP2-MIB
- 06-HH3C-DHCP4-CLIENT-MIB
- 07-HH3C-DHCP4-MIB
- 08-HH3C-DHCP6-MIB
- 09-HH3C-FIB-MIB
- 10-HH3C-IP-ADDRESS-MIB
- 11-HH3C-IPFW-MIB
- 12-HH3C-IPV6-ADDRESS-MIB
- 13-HH3C-NAT-MIB
- 14-HH3C-ND-TRAP-MIB
- 15-HH3C-SESSION-MIB
- 16-HH3C-TCP-MIB
- 17-HH3C-DNS-MIB
- 18-IP-MIB
- 19-IPV6-ICMP-MIB
- 20-IPV6-MIB
- 21-IPV6-TCP-MIB
- 22-IPV6-UDP-MIB
- 23-TCP-MIB
- 24-UDP-MIB
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 05-HH3C-DHCP-SNOOP2-MIB | 194.32 KB |
Contents
hh3cDhcpSnoop2Enabled (1.3.6.1.4.1.25506.2.124.1.1.1)
hh3cDhcpSnoop2BindDbName (1.3.6.1.4.1.25506.2.124.1.1.2)
hh3cDhcpSnoop2BindRefreshIntvl (1.3.6.1.4.1.25506.2.124.1.1.3)
hh3cDhcpSnoop2BindRefresh (1.3.6.1.4.1.25506.2.124.1.1.4)
hh3cDhcpSnoop2PktSentNum (1.3.6.1.4.1.25506.2.124.1.2.1)
hh3cDhcpSnoop2PktRcvNum (1.3.6.1.4.1.25506.2.124.1.2.2)
hh3cDhcpSnoop2PktDropNum (1.3.6.1.4.1.25506.2.124.1.2.3)
hh3cDhcpSnoop2TrapDropNum (1.3.6.1.4.1.25506.2.124.1.2.4)
hh3cDhcpSnoop2PktVlanID (1.3.6.1.4.1.25506.2.124.1.2.5)
hh3cDhcpSnoop2BindTblThreshRecov
HH3C-DHCP-SNOOP2-MIB
About this MIB
Use HH3C-DHCP-SNOOP2-MIB to configure DHCP snooping, retrieve DHCP snooping entries, and control DHCP snooping alarms.
MIB file name
hh3c-dhcp-snoop2.mib
Root object
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).hh3c(25506).hh3cCommon(2).hh3cDhcpSnoop2(124)
Scalar objects
hh3cDhcpSnoop2Enabled (1.3.6.1.4.1.25506.2.124.1.1.1)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2Enabled (1.3.6.1.4.1.25506.2.124.1.1.1) |
read-write |
TruthValue |
true(1), false(2) |
Enabling status of DHCP snooping. |
As per the MIB. |
hh3cDhcpSnoop2BindDbName (1.3.6.1.4.1.25506.2.124.1.1.2)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2BindDbName (1.3.6.1.4.1.25506.2.124.1.1.2) |
read-write |
OCTET STRING |
OCTET STRING (0..255) |
Name of the file for saving DHCP snooping entries. |
The name string cannot exceed the product-specific upper limit. |
hh3cDhcpSnoop2BindRefreshIntvl (1.3.6.1.4.1.25506.2.124.1.1.3)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2BindRefreshIntvl (1.3.6.1.4.1.25506.2.124.1.1.3) |
read-write |
Unsigned32 |
Unsigned32(60..864000) |
DHCPv6 snooping entry refreshing interval. |
As per the MIB. |
hh3cDhcpSnoop2BindRefresh (1.3.6.1.4.1.25506.2.124.1.1.4)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2BindRefresh (1.3.6.1.4.1.25506.2.124.1.1.4) |
read-write |
INTEGER |
on(1) |
Immediate saving of DHCP snooping entries. |
As per the MIB. |
hh3cDhcpSnoop2PktSentNum (1.3.6.1.4.1.25506.2.124.1.2.1)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2PktSentNum (1.3.6.1.4.1.25506.2.124.1.2.1) |
read-only |
Counter64 |
INTEGER(0..18446744073709551615) |
Number of packets forwarded by DHCP snooping. |
As per the MIB. |
hh3cDhcpSnoop2PktRcvNum (1.3.6.1.4.1.25506.2.124.1.2.2)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2PktRcvNum (1.3.6.1.4.1.25506.2.124.1.2.2) |
read-only |
Counter64 |
INTEGER(0..18446744073709551615) |
Number of packets received by DHCP snooping. |
As per the MIB. |
hh3cDhcpSnoop2PktDropNum (1.3.6.1.4.1.25506.2.124.1.2.3)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2PktDropNum (1.3.6.1.4.1.25506.2.124.1.2.3) |
read-only |
Counter64 |
INTEGER(0..18446744073709551615) |
Number of packets dropped by DHCP snooping. |
As per the MIB. |
hh3cDhcpSnoop2TrapDropNum (1.3.6.1.4.1.25506.2.124.1.2.4)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2TrapDropNum (1.3.6.1.4.1.25506.2.124.1.2.4) |
read-only |
Counter64 |
INTEGER(0..18446744073709551615) |
Number of DHCP replies dropped by DHCP snooping. |
As per the MIB. |
hh3cDhcpSnoop2PktVlanID (1.3.6.1.4.1.25506.2.124.1.2.5)
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2PktVlanID (1.3.6.1.4.1.25506.2.124.1.2.5) |
accessible-for-notify |
Unsigned32 |
Unsigned32(1..4094) |
VLAN ID of the DHCP packet dropped by DHCP snooping. |
As per the MIB. |
Tabular objects
hh3cDhcpSnoop2BindTable
About this table
This table describes a DHCP snooping entry.
Support for operations
Create:Not supported
Edit/Modify:Not supported
Delete:Supported
Read:Supported
Columns
The table indexes are h3cDhcpSnoop2BindIpAddr, h3cDhcpSnoop2BindVlanId, and h3cDhcpSnoop2BindSecVlanId.
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2BindIpAddr (1.3.6.1.4.1.25506.2.124.2.1.1.1) |
not-accessible |
InetAddressIPv4 |
OCTET STRING (4) |
IP address assigned to a DHCP client. |
As per the MIB. |
|
hh3cDhcpSnoop2BindVlanId (1.3.6.1.4.1.25506.2.124.2.1.1.2) |
not-accessible |
Unsigned32 |
Unsigned32(1..4094) |
Outer VLAN tag of the DHCP packet. |
As per the MIB. |
|
hh3cDhcpSnoop2BindSecVlanId (1.3.6.1.4.1.25506.2.124.2.1.1.3) |
not-accessible |
Unsigned32 |
Unsigned32(1..4094|65535) |
Inner VLAN tag of the DHCP packet. |
As per the MIB. |
|
hh3cDhcpSnoop2BindMacAddr (1.3.6.1.4.1.25506.2.124.2.1.1.4) |
read-only |
MacAddress |
OCTET STRING (6) |
MAC address of the DHCP client. |
As per the MIB. |
|
hh3cDhcpSnoop2BindLease (1.3.6.1.4.1.25506.2.124.2.1.1.5) |
read-only |
Unsigned32 |
Standard MIB values. |
Remaining time of the lease for the DHCP client. |
As per the MIB. |
|
hh3cDhcpSnoop2BindPortIndex (1.3.6.1.4.1.25506.2.124.2.1.1.6) |
read-only |
InterfaceIndexOrZero |
Integer32(0..2147483647) |
Interface that connects to the DHCP client. |
As per the MIB. |
|
hh3cDhcpSnoop2BindRowStatus (1.3.6.1.4.1.25506.2.124.2.1.1.7) |
read-create |
RowStatus |
Support only the destroy operation |
Row status. |
As per the MIB. |
hh3cDhcpSnoop2IfConfigTable
About this table
This table describes the DHCP snooping configuration on interfaces.
Support for operations
Create:Not supported
Edit/Modify:Supported
Delete:Not supported
Read:Supported
Columns
The table index is ifindex.
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2IfTrustStatus (1.3.6.1.4.1.25506.2.124.2.2.1.1) |
read-write |
INTEGER |
untrusted(0), trusted(1) |
Enabling status of the DHCP snooping trusted interface. |
As per the MIB. |
|
hh3cDhcpSnoop2IfCheckMac (1.3.6.1.4.1.25506.2.124.2.2.1.2) |
read-write |
TruthValue |
true(1), false(2) |
Enabling status of the MAC address check. |
As per the MIB. |
|
hh3cDhcpSnoop2IfCheckRequest (1.3.6.1.4.1.25506.2.124.2.2.1.3) |
read-write |
TruthValue |
true(1), false(2) |
Enabling status of the DHCP-REQUEST check. |
As per the MIB. |
|
hh3cDhcpSnoop2IfRecordBind (1.3.6.1.4.1.25506.2.124.2.2.1.5) |
read-write |
TruthValue |
true(1), false(2) |
Recording DHCP snooping entries. |
As per the MIB. |
|
hh3cDhcpSnoop2IfMaxLearnNum (1.3.6.1.4.1.25506.2.124.2.2.1.6) |
read-write |
Unsigned32 |
Unsigned32(0..4294967295) |
Maximum number of DHCP snooping entries that the interface can learn. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82Enable (1.3.6.1.4.1.25506.2.124.2.2.1.7) |
read-write |
TruthValue |
true(1), false(2) |
Enabling status of Option 82 support |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82Strategy (1.3.6.1.4.1.25506.2.124.2.2.1.8) |
read-write |
INTEGER |
drop(1), keep(2), replace(3) |
Option 82 strategy |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82CIDMode (1.3.6.1.4.1.25506.2.124.2.2.1.9) |
read-write |
INTEGER |
normal(1), verbose(2), userDefine(3) |
Mode of the Circuit ID sub-option in Option 82. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82CIDNodeType (1.3.6.1.4.1.25506.2.124.2.2.1.10) |
read-write |
INTEGER |
invalid(1), mac(2), sysname(3), userDefine(4) |
Format of the Circuit ID sub-option in verbose mode. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82CIDNodeStr (1.3.6.1.4.1.25506.2.124.2.2.1.11) |
read-write |
OCTET STRING |
OCTET STRING (0..50) |
User-defined string for the Circuit ID sub-option in verbose mode. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82CIDStr (1.3.6.1.4.1.25506.2.124.2.2.1.12) |
read-write |
OCTET STRING |
OCTET STRING (0|3..63) |
User-defined string for the Circuit ID sub-option in user-defined mode. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82CIDFormat (1.3.6.1.4.1.25506.2.124.2.2.1.13) |
read-write |
INTEGER |
hex(1), ascii(2), undefine(3) |
Padding format of the Circuit ID sub-option. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82RIDMode (1.3.6.1.4.1.25506.2.124.2.2.1.14) |
read-write |
INTEGER |
normal(1), sysname(2), userDefine(3) |
Mode of the Remote ID sub-option in Option 82. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82RIDStr (1.3.6.1.4.1.25506.2.124.2.2.1.15) |
read-write |
OCTET STRING |
OCTET STRING (0..63) |
User-defined string for the Remote ID sub-option in user-defined mode. |
As per the MIB. |
|
hh3cDhcpSnoop2IfOpt82RIDFormat (1.3.6.1.4.1.25506.2.124.2.2.1.16) |
read-write |
INTEGER |
hex(1), ascii(2) |
Padding format of the Remote ID sub-option. |
As per the MIB. |
hh3cDhcpSnoop2IfVlanCIDTable
About this table
This table describes Option 82 Circuit ID sub-option configuration in VLANs.
Support for operations
Create:Supported
Edit/Modify:Supported
Delete:Supported
Read:Supported
Columns
The table indexes are ifIndex and h3cDhcpSnoop2IfVlanCIDVlanIndex.
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2IfVlanCIDVlanIndex (1.3.6.1.4.1.25506.2.124.2.3.1.1) |
not-accessible |
Unsigned32 |
Unsigned32(1..4094) |
VLAN ID. |
As per the MIB. |
|
hh3cDhcpSnoop2IfVlanCIDStr (1.3.6.1.4.1.25506.2.124.2.3.1.2) |
read-create |
OCTET STRING |
OCTET STRING (3..63) |
User-defined string for padding the Circuit ID sub-option. |
As per the MIB. |
|
hh3cDhcpSnoop2IfVlanCIDRowStatus (1.3.6.1.4.1.25506.2.124.2.3.1.3) |
read-create |
RowStatus |
Active(1), createAndGo(4), destroy(6). |
Row status. |
As per the MIB. |
hh3cDhcpSnoop2IfVlanRIDTable
About this table
This table describes Option 82 Remote ID sub-option configuration in VLANs.
Support for operations
Create:Supported.
It must be bound to h3cDhcpSnoop2IfVlanRIDMode when you create an entry.
Edit/Modify:Supported.
It must be bound to h3cDhcpSnoop2IfVlanRIDMode when you modify an entry.
Delete:Supported
Read:Supported
Columns
The table indexes are ifIndex and h3cDhcpSnoop2IfVlanRIDVlanIndex.
|
Object (OID) |
Access |
Syntax |
Value range |
Description |
Implementation |
|
hh3cDhcpSnoop2IfVlanRIDVlanIndex (1.3.6.1.4.1.25506.2.124.2.4.1.1) |
not-accessible |
Unsigned32 |
Unsigned32(1..4094) |
VLAN ID. |
As per the MIB. |
|
hh3cDhcpSnoop2IfVlanRIDMode (1.3.6.1.4.1.25506.2.124.2.4.1.2) |
read-create |
INTEGER |
sysname(1), userDefine(2) |
Padding mode of the Remote ID sub-option. |
As per the MIB. |
|
hh3cDhcpSnoop2IfVlanRIDStr (1.3.6.1.4.1.25506.2.124.2.4.1.3) |
read-create |
OCTET STRING |
OCTET STRING (0..63) |
User-defined string for padding the Remote ID sub-option. |
If the padding mode for the Remote ID sub-option is sysname(1), the value read from this object is 0. |
|
hh3cDhcpSnoop2IfVlanRIDRowStatus (1.3.6.1.4.1.25506.2.124.2.4.1.4) |
read-create |
RowStatus |
Active(1), createAndGo(4), destroy(6). |
Row status. |
As per the MIB. |
Notifications
hh3cDhcpSnoop2BindTblExh
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.1 |
DHCP snooping entry resources are exhausted. |
Error |
Warning |
1.3.6.1.4.1.25506.2.124.3.0.2 (hh3cDhcpSnoop2BindTblExhRecov) |
OFF |
Notification triggers
This notification is generated when DHCP snooping entry resources are exhausted.
System impact
The system will not generate new DHCP snooping entries until DHCP snooping entry resources become available. DHCP snooping security features might not be available for new users.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping binding-exhaust command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping binding-exhaust command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.2.2.1.1 (IfIndex) |
Interface index. |
ifindex |
Unsigned32 |
Standard MIB values. |
Recommended action
To resolve this issue:
1.Use the display this command in interface view to view the maximum number of dynamic DHCP snooping entries that the current interface can learn:
- If the value is too small, use the dhcp snooping max-learning-num command in interface view to increase the maximum number of dynamic DHCP snooping entries that the current interface can learn. If the notification recurs, proceed to the next step.
- If the value is appropriate, proceed to the next step.
2.If the issue persists, collect alarm information, log messages, and configuration data, and then contact H3C Support for help.
hh3cDhcpSnoop2BindTblExhRecov
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.2 |
DHCP snooping entry resources recover from the exhaustion condition. |
Recovery |
Warning |
N/A (N/A) |
OFF |
Notification triggers
This notification is generated when DHCP snooping entry resources recover from the exhaustion condition.
System impact
No negative impact on the system.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping binding-exhaust command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping binding-exhaust command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.2.2.1.1 (IfIndex) |
Interface index. |
ifindex |
Unsigned32 |
Standard MIB values. |
Recommended action
No action is required.
hh3cDhcpSnoop2BindTblThresh
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.3 |
The usage of DHCP snooping entry resources reaches or exceeds the alarm threshold. |
Error |
Warning |
1.3.6.1.4.1.25506.2.124.3.0.4 (hh3cDhcpSnoop2BindTblThreshRecov) |
OFF |
Notification triggers
This notification is generated when the usage of DHCP snooping entry resources reaches or exceeds the alarm threshold.
System impact
DHCP snooping entry resources will be exhausted if the system continues to generate DHCP snooping entries. After DHCP snooping entry resources are exhausted, DHCP snooping security features might not be available for new users.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping binding-threshold command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping binding-threshold command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.2.2.1.1 (IfIndex) |
Interface index. |
ifindex |
Unsigned32 |
Standard MIB values. |
Recommended action
To resolve this issue:
1.Use the dhcp snooping learning-num-threshold command to increase the alarm threshold on the number of dynamic DHCP snooping entries learned by the current interface.
Alternatively, use the dhcp snooping max-learning-num command to increase the maximum number of dynamic DHCP snooping entries that the current interface can learn.
2.If the issue persists, collect alarm information, log messages, and configuration data, and then contact H3C Support for help.
hh3cDhcpSnoop2BindTblThreshRecov
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.4 |
The usage of DHCP snooping entry resources drops below the alarm threshold. |
Recovery |
Warning |
N/A (N/A) |
OFF |
Notification triggers
This notification is generated when the usage of DHCP snooping entry resources drops below the alarm threshold.
System impact
No negative impact on the system.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping binding-threshold command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping binding-threshold command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.2.2.1.1 (IfIndex) |
Interface index. |
ifindex |
Unsigned32 |
Standard MIB values. |
Recommended action
No action is required.
hh3cDhcpSnoop2NomatchBindAlm
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.5 |
The number of DHCP requests dropped due to DHCP snooping entry mismatch reaches the alarm threshold. |
Informational |
Warning |
N/A (N/A) |
OFF |
Notification triggers
This notification is generated when the number of DHCP requests dropped due to DHCP snooping entry mismatch reaches the alarm threshold.
System impact
No negative impact on the system.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping binding-mismatch command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping binding-mismatch command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.2.2.1.1 (IfIndex) |
Interface index. |
ifindex |
Unsigned32 |
Standard MIB values. |
Recommended action
To resolve this issue:
1.Use the display dhcp snooping binding command in any view to view DHCP snooping entries, and then use port mirroring to obtain replicas of the DHCP requests received on the current interface or VLAN.
- If a large number of these DHCP requests have a DHCP snooping entry mismatch, the interface is under attack and you need to locate the source of this attack.
- If DHCP snooping entry mismatch occurs but only to a few of these DHCP requests, the interface is not under attack. In this situation, use the dhcp snooping trap binding-mismatch threshold command to set a higher alarm threshold.
2.If the issue persists, collect alarm information, log messages, and configuration data, and then contact H3C Support for help.
hh3cDhcpSnoop2ChaddrAlm
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.6 |
The number of DHCP packets dropped due to MAC address mismatch reaches the alarm threshold. |
Informational |
Warning |
N/A (N/A) |
OFF |
Notification triggers
This notification is generated when the number of DHCP packets dropped due to MAC address mismatch reaches the alarm threshold. A MAC address mismatch occurs when the chaddr field of a received DHCP packet is different from the source MAC address field in the frame header.
System impact
The system is probably being attacked by DHCP packets whose chaddr field was tampered with. However, this event does not interrupt other services, because DHCP snooping drops those DHCP packets.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping chaddr-mismatch command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping chaddr-mismatch command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.2.2.1.1 (IfIndex) |
Interface index. |
ifindex |
Unsigned32 |
Standard MIB values. |
Recommended action
To resolve this issue:
1.Locate the interface for which this notification is generated, and then use port mirroring to obtain replicas of the DHCP packets received on the interface.
- If a large number of these DHCP packets have a MAC address mismatch, the interface is under attack and you need to locate the source of this attack.
- If MAC address mismatch occurs but only to a few of these DHCP packets, the interface is not attacked. In this situation, use the dhcp snooping trap chaddr-mismatch threshold command to set a higher alarm threshold.
2.If the issue persists, collect alarm information, log messages, and configuration data, and then contact H3C Support for help.
hh3cDhcpSnoop2UntrustRelpyAlm
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.7 |
The number of DHCP server replies dropped on an untrusted interface reaches the alarm threshold. |
Informational |
Warning |
N/A (N/A) |
OFF |
Notification triggers
This notification is generated when the number of DHCP server replies dropped on an untrusted interface reaches the alarm threshold.
System impact
DHCP snooping drops illegal DHCP packets.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping untrust-reply command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping untrust-reply command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.31.1.1.1.1 (ifName) |
Interface name. |
ifindex |
DisplayString |
Standard MIB values. |
|
1.3.6.1.4.1.25506.2.124.1.2.4 (hh3cDhcpSnoop2TrapDropNum) |
Number of DHCP server replies dropped by DHCP snooping. |
N/A |
Counter64 |
Standard MIB values. |
|
1.3.6.1.4.1.25506.2.124.1.2.5 (hh3cDhcpSnoop2PktVlanID) |
VLAN ID of the DHCP packets dropped by DHCP snooping. |
N/A |
Unsigned32(1..4094) |
Standard MIB values. |
Recommended action
To resolve this issue:
1.Locate the interface for which this notification is generated, and then use port mirroring to obtain replicas of the DHCP server replies received on the interface.
2.Verify that the DHCP server address carried in each reply is legitimate.
- If the DHCP server address in a reply is illegitimate, the reply is an attack packet, and no action is required.
- If the DHCP server address in a reply is legitimate, execute the dhcp snooping trust command to specify the interface as a trusted interface. If the notification recurs, proceed to the next step.
3.If the issue persists, collect alarm information, log messages, and configuration data, and then contact H3C Support for help.
hh3cDhcpSnoop2RateLimitAlm
Basic information
|
OID |
Event |
Type |
Severity |
Recovery notification |
Default status |
|
1.3.6.1.4.1.25506.2.124.3.0.8 |
The number of DHCP requests dropped due to rate limiting reaches the alarm threshold. |
Informational |
Warning |
N/A (N/A) |
OFF |
Notification triggers
This notification is generated when the number of DHCP requests dropped due to rate limiting reaches the alarm threshold. DHCP snooping drops DHCP requests when the rate of incoming DHCP requests exceeds the limit.
System impact
DHCP snooping drops the DHCP requests that exceed the rate limit. DHCP requests from some legitimate users might be discarded.
Status control
ON
CLI: Use the snmp-agent trap enable dhcp snooping rate-limit command.
OFF
CLI: Use the undo snmp-agent trap enable dhcp snooping rate-limit command.
Object
|
OID (object name) |
Description |
Index |
Type |
Value range |
|
1.3.6.1.2.1.31.1.1.1.1 (ifName) |
Interface name. |
ifindex |
DisplayString |
Standard MIB values. |
|
1.3.6.1.4.1.25506.2.124.1.2.4 (hh3cDhcpSnoop2TrapDropNum) |
Number of DHCP packets dropped by DHCP snooping. This value is recorded in the notification. |
N/A |
Counter64 |
Standard MIB values. |
|
1.3.6.1.4.1.25506.2.124.1.2.5 (hh3cDhcpSnoop2PktVlanID) |
VLAN ID of the DHCP packets dropped by DHCP snooping. |
N/A |
Unsigned32(1..4094) |
Standard MIB values. |
Recommended action
To resolve this issue:
1.Locate the interface for which this notification is generated, use port mirroring to obtain replicas of the DHCP requests received on the interface, and then identify whether these DHCP requests are malicious.
- If the interface receives a large number of DHCP requests from a user, the user might be launching an attack. In this situation, locate the source of the attack by using source address information in the received DHCP requests.
- If no users send a large number of DHCP requests to the interface, you can determine that the DHCP requests received on the interface are all legitimate. In this situation, perform the following tasks:
Use the dhcp snooping rate-limit command in interface view to set a higher rate limit.
(Optional.) Use the dhcp snooping trap rate-limit threshold command in interface view or system view to set a higher alarm threshold.
If the notification recurs after you perform these tasks, proceed to the next step.
2.If the issue persists, collect alarm information, log messages, and configuration data, and then contact H3C Support for help.
