IP addresses in a DHCP address pool on S series switch are exhausted

If the number of allocatable IP addresses in the address pool exceeds the number of DHCP clients connected to the DHCP server, the address pool resources may be exhausted in the following situation:
- Many attackers apply for IP addresses or an attacker applies for many IP addresses by changing the CHADDR field in DHCP Discover messages. In this case, configure DHCP snooping.
- The DHCP server ping function has been configured on the DHCP server. This function allows the switch to ping allocated IP addresses before sending DHCP Offer messages. Any reply to the ping packets may cause the DHCP server to consider that an IP address conflict occurs, resulting in exhaustion of address pool resources. To solve this problem, use either of the following methods:
1. Configure port mirroring on the DHCP server to obtain the packet header, and determine whether address pool exhaustion is caused by the second reason. If yes, disable the corresponding client.
2. Run the undo dhcp server ping packet command to disable the DHCP server ping function.

Scroll to top