This article explains:
a. Feature used to prevent a client from sending multiple IP address request using different mac addresses.
b. Configuring the "DHCP exhaustion prevention" feature on the controller.
c. Verifying the configured feature.
This article applies to all the controllers running at least AOS software version 126.96.36.199. Any version prior to this do not support the feature explained in this article.
A new feature called "DHCP Exhaustion Prevention" is introduce in AOS version 6.2.x.x. When this feature is enabled, the controller checks the DHCP DISCOVER frame's source MAC and compares with the requesting client's hardware address. In case, the two do not match, the packet is dropped. Thus, a client is prevented from submitting multiple DHCP requests with different hardware addresses which in turn helps in saving IP addresses.
This can be enabled by turning on the "Prevent DHCP Exhaustion" knob under the Stateful Firewall on the controller.
Environment : Aruba OS version 188.8.131.52 is used to recreate the scenario and get the sample output explained in this article.
By default, this feature is disabled on the controller.
Navigate to Configuration> Advanced Services> Stateful Firewall