•
HP recommends running a time synchronization protocol such as SNTP to track lease times
accurately.
•
A remote server must be used to save lease information or connectivity may be lost after a
switch reboot.
Log messages
Attempt to release address <ip-address> leased to port <port-number> detected on port
<port-number> dropped.
Attempt by a client to release an address when a DHCPRELEASE or
DHCPDECLINE packet is received not from the port the address was leased to.
Ceasing bad release logs for %s.
More than one bad DHCP client release packet was dropped.
To avoid filling the log file with repeated bad release dropped packets, bad releases will not be
logged for <
duration
>.
Ceasing MAC mismatch logs for <duration>.
More than one DHCP client packet with a mismatched
source MAC and chaddr field was dropped. To avoid filling the log file with repeated attempts,
client address mismatch events will not be logged for the specified <
duration
>.
Ceasing unauthorized server logs for <duration>.
More than one unauthorized server packet was
dropped. To avoid filling the log file with repeated attempts, unauthorized server transmit attempts
will not be logged for the specified <
duration
>.
Ceasing untrusted port destination logs for %s.
More that one client unicast packet with an untrusted
port destination was dropped. To avoid filling the log file with repeated attempts, untrusted port
destination attempts are not logged for the specified <
duration
>.
Ceasing untrusted relay information logs for <duration>.
More than one DHCPclient packet received
on an untrusted port with a relay information field was dropped. To avoid filling the log file with
repeated attempts, untrusted relay information packets will not be logged for the specified
<
duration
>.
Ceasing untrusted server logs for %s.
More than one packet was received from a DHCP server on
an untrusted port. To avoid filling the log file with repeated attempts, untrusted server drop packet
events are not logged for the specified <
duration
>.
Client address <mac-address> not equal to source MAC <mac-address> detected on port
<port-number>.
A client packet source MAC address does not match the “chaddr” field. This event
is recognized when the dhcp-snooping agent is enabled to filter DHCP client packets that do not
have a matching “chaddr” field and source MAC address.
Client packet destined to untrusted port <port-number> dropped.
The destination of a DHCP client
unicast packet is on an untrusted port. This event is recognized when a client unicast packet is
dropped because the destination address is for a port configured as untrusted.
DHCP packets being rate-limited.
Too many DHCP packets are flowing through the switch and
some are dropped.
Lease table is full, DHCP lease was not added.
The lease table is full and this lease is not added
to it.
Received untrusted relay information from client <mac-address> on port <port-number>.
Receipt
of a client packet containing a relay-information option field, recognized when a client packet
containing a relay-information option field is dropped when received on a port configured as
untrusted.
Server <ip-address> packet received on untrusted port <port-number> dropped.
A DHCP server
on an untrusted port is attempting to transmit a packet. This event is recognized by the reception
of a DHCP server packet on a port that is configured as untrusted.
Snooping table is full.
The DHCP binding table is full and subsequent bindings are dropped.
14
Updates for the HP Switch Software Access Security Guide