SecureStack C3, firmware 1.02.01.0004 and higher
SecureStack C2, firmware 5.02.01.0006 and higher
SecureStack B3, firmware 1.02.01.0004 and higher
SecureStack B2, firmware 4.02.01.0006 and higher
G-Series, firmware 1.02.00.0043 and higher
Enabled and configured the DHCP Snooping feature ('
Port link is down.
Port is not passing traffic.
The output of a '
show port status
B3(su)->show port status ge.1.1
Alias Oper Admin Speed
Port (truncated) Status Status (bps) Duplex Type
--------- ------------ ------- ------- --------- ------- ------------
ge.1.1 Down D-Down N/A N/A BaseT RJ45/PoE[/code]
1 : up
2 : down
3 : testing
Description "The desired state of the interface. The testing(3) state
indicates that no operational packets can be passed. When a
managed system initializes, all interfaces start with
ifAdminStatus in the down(2) state. As a result of either
explicit management action or per configuration information
retained by the managed system, ifAdminStatus is then
changed to either the up(1) or testing(3) states (or remains
in the down(2) state)."[/code]
DHCP Snooping's Rate Limiting behavior examines each untrusted port for received DHCP packets exceeding a configurable rate per burst interval (by default, 15 packets per second). If the receive rate exceeds the limit, DHCP Snooping brings down the port, and its
Examine your DHCP Snooping setup to determine whether or not the action that has been taken is valid, then take any corrective action that is warranted.
If this port is giving network access to a valid DHCP server, designate it as a trusted port ('set dhcpsnooping trust port <port_string> enable').
If this port is giving network access to a rogue DHCP server, remove/disable the server.
To re-enable the port as desired, use the command 'set port enable <port_string>'.
For more about the DHCP Snooping feature, please refer to the Configuration Guide or CLI Reference Guide for your product and firmware version.
See also: 12008.