ipv6 dhcp snooping check request-message

Use ipv6 dhcp snooping check request-message to enable the DHCPv6-REQUEST check feature for the received DHCPv6-RENEW, DHCPv6-DECLINE, and DHCPv6-RELEASE messages.

Use undo ipv6 dhcp snooping check request-message to disable the DHCPv6-REQUEST check feature.

Syntax

ipv6 dhcp snooping check request-message

undo ipv6 dhcp snooping check request-message

Default

DHCPv6-REQUEST check is disabled.

Views

Layer 2 Ethernet interface/Layer 2 aggregate interface view

S-channel interface/S-channel aggregate interface view

VSI interface/VSI aggregate interface view

Predefined user roles

network-admin

Usage guidelines

Use the DHCPv6-REQUEST check feature to protect the DHCPv6 server against DHCPv6 client spoofing attacks. The feature enables the DHCPv6 snooping device to check every received DHCPv6-RENEW, DHCPv6-DECLINE, or DHCPv6-RELEASE message against DHCPv6 snooping entries.

Examples

# Enable DHCPv6-REQUEST check.

<Sysname> system-view
[Sysname] interface Ten-GigabitEthernet1/0/1
[Sysname-Ten-GigabitEthernet1/0/1] ipv6 dhcp snooping check request-message