This is standard functionality on ePMP.
Is there a way to achieve this on 450B - where DHCP servers below the customer’s SM are blocked from responding. This would be useful if a customer accidentally plugged their SM cable into their router LAN port instead of the WAN port.
Does that block both UDP port 67 and 68? If it’s just specifically Bootp (p67) that would only prevent part of the issue.
We have that setting configured on all SM’s on the network, yet we still have the occasional customer plug in a router incorrectly and advertise DHCP on their VLAN.
Both bootp server and dhcp server use UDP port 67, and yes, that filter rule covers it and is what we use on our network.
Does this approach stop the customers router from being able to obtain a DHCP lease from our gateway upstream of the AP?
Thanks Eric. Its not often here, but even with it blocked we still see the occasional DHCP advertisement/broadcast originating from behind radios with this setting. It does not appear that the full connection can be made, but our monitoring system alerts us when there are “Rogue DHCP” advertisements on the system.
If you look closely at the image, you can filter bootp/dhcp server and/or client transactions in either the upstream and/or downstream direction.
