11-14
Configuring Advanced Threat Protection
DHCP Snooping
■ HP recommends running a time synchronization protocol such as SNTP 
in order to track lease times accurately.
■ A remote server must be used to save lease information or there may be 
a loss of connectivity after a switch reboot.
Log Messages
Server <ip-address> packet received on untrusted port <port-number> 
dropped.  Indicates a DHCP server on an untrusted port is attempting to 
transmit a packet. This event is recognized by the reception of a DHCP server 
packet on a port that is configured as untrusted.
Ceasing untrusted server logs for %s.  More than one packet was 
received from a DHCP server on an untrusted port. To avoid filling the log file 
with repeated attempts, untrusted server drop packet events will not be logged 
for the specified <duration>.
Client packet destined to untrusted port <port-number> 
dropped.  Indicates that the destination of a DHCP client unicast packet is 
on an untrusted port. This event is recognized when a client unicast packet is 
dropped because the destination address is out a port configured as untrusted.
Ceasing untrusted port destination logs for %s.  More that one client 
unicast packet with an untrusted port destination was dropped. To avoid filling 
the log file with repeated attempts, untrusted port destination attempts will 
not be logged for the specified <duration>.
Unauthorized server <ip-address> detected on port
<port-number>.  Indicates that an unauthorized DHCP server is attempting 
to send packets. This event is recognized when a server packet is dropped 
because there are configured authorized servers and a server packet is 
received from a server that is not configured as an authorized server.
Ceasing unauthorized server logs for <duration>.  More than one unau-
thorized server packet was dropped. To avoid filling the log file with repeated 
attempts, unauthorized server transmit attempts will not be logged for the 
specified <duration>.
Received untrusted relay information from client <mac-address> on 
port <port-number>.  Indicates the reception on an untrusted port of a 
client packet containing a relay information option field. This event is recog-
nized when a client packet containing a relay information option field is 
dropped because it was received on a port configured as untrusted.