
dhcp discover rate limiting


Hi All, I wonder if anyone could please help with this question:

We have a number of 6509s which generally have DHCP relay agents configured on the SVIs. The DHCP servers are centralised. Recently we've had one or two faults with misconfigured or faulty devices (blade server chassis and also printers) generating high volumes of DHCP discover packets and causing high CPU on the relevant 6500.

I would like to rate limit these discover packets, which are layer 2 broadcasts, and was wondering if anyone had done this. Storm control can't discriminate between different types of broadcasts and on a gig link would need to be set down at about 1% to have much effect on the problem. I've looked at CoPP and also mls hardware rate-limiting but as I understand it, these two features don't control broadcast traffic. I also looked at DHCP snooping but if an interface receives a high level of DHCP discover broadcasts, e.g. over 100pps, I don't want it to go error-disabled (as this would knock down the whole edge switch), just to drop the excess packets.

I'd be glad of any advice received. Thanks.
