Chapter 2
Catalyst 3550 Switch Cisco IOS Commands
ip dhcp snooping limit rate
Use the ip dhcp snooping limit rate interface configuration command to configure the number of DHCP
messages an interface can receive per second. Use the no form of this command to return to the default
setting.
Syntax Description
rate
Defaults
DHCP snooping rate limiting is disabled.
Command Modes
Interface configuration
Command History
Release
12.1(19)EA1
12.2(25)SE
Usage Guidelines
Normally, the rate limit applies to untrusted interfaces. If you want to configure rate limiting for trusted
interfaces, keep in mind that trusted interfaces might aggregate DHCP traffic on multiple VLANs (some
of which might not be snooped) in the switch, and you will need to adjust the interface rate limits to a
higher value.
If the rate limit is exceeded, the interface is error-disabled. If you enabled error recovery by entering the
errdisable recovery dhcp-rate-limit global configuration command, the interface retries the operation
again when all the causes have timed out. If the error-recovery mechanism is not enabled, the interface
stays in the error-disabled state until you enter the shutdown and no shutdown interface configuration
commands.
Examples
This example shows how to set a message rate limit of 150 messages per second on an interface:
Switch(config-if)# ip dhcp snooping limit rate 150
You can verify your settings by entering the show ip dhcp snooping privileged EXEC command.
OL-8566-02
ip dhcp snooping limit rate rate
no ip dhcp snooping limit rate
Number of DHCP messages an interface can receive per second. The range is
1 to 2048.
Modification
This command was introduced.
The range was changed to 1 to 2048.
Catalyst 3550 Multilayer Switch Command Reference
ip dhcp snooping limit rate
2-161