Thursday, July 5, 2012

Storm Control

  • Catalyst switches may need to rate-limit traffic at Layer 2.
  • To do this, use the storm-control commands.
  • Storm control can be configured to set minimum & maximum levels for port traffic (unicast, multicast & broadcast).
  • Each rate limit can be configured on a per-port basis.
  • Storm control can be configured on each type of traffic based on
    • Either packet rate or a percentage of the interface bandwidth.
  • We can also specify rising & falling thresholds for each traffic type.
  • If we don't specify a falling threshold, or if the falling threshold is the same as the rising threshold,
    • the switch port forwards all traffic up to the configured limit
    • and will not wait for the specified falling threshold before forwarding it again.
  • When any of the configured thresholds is passed, the switch can take 3 additional actions (also on a per-port basis)
    • 1st & default is the switch can rate-limit by discarding excess traffic according to the configured commands & take no further action.
    • The other 2 actions include performing the rate-limiting function & either shutting down the port or sending an SNMP trap.
  • Commands
    • interface f0/0
      • storm-control broadcast level pps 100 50
        • limit broadcast traffic to 100 packets per second
        • when traffic drops back to 50 packets per second, begin forwarding traffic again.
      • storm-control multicast level 0.50 0.40
        • limit multicast traffic to 0.5 percent of the 100Mbps interface rate
        • when traffic drops back to 400kbps, begin forwarding again
      • storm-control action trap
        • if any of the above conditions occurs & results in rate-limiting, send an SNMP trap.
    • show storm-control f0/0 {unicast | multicast | broadcast }
  • Limitation:
    • it supports only physical ports
      • storm control can be configured on an EtherChannel interface, but it has no effect.
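
The notes above can be turned into a configuration check. The following is an added example, not part of the original post: it parses a constructed running-config excerpt, records the rising and falling thresholds per port, and flags ports with no storm control as well as storm-control lines on an EtherChannel interface, where they have no effect. The interface names, the sample config and the function names are assumptions, and threshold values are assumed to be plain numbers.

```python
import re

# Constructed sample config (not from the original post); interface names are assumptions.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 storm-control broadcast level pps 100 50
 storm-control multicast level 0.50 0.40
 storm-control unicast level 80.00
 storm-control action trap
!
interface FastEthernet0/2
 switchport mode access
!
interface Port-channel1
 storm-control broadcast level 10.00
!
"""

LEVEL_RE = re.compile(r"storm-control (broadcast|multicast|unicast) level "
                      r"(?:(pps|bps) )?([\d.]+)(?: ([\d.]+))?$")

def parse_interfaces(config):
    """Map each interface name to its stripped sub-command lines."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1].strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return interfaces

def audit(config):
    """Return (per-port thresholds, findings) for the storm-control settings."""
    thresholds, findings = {}, []
    for name, lines in parse_interfaces(config).items():
        levels = {}
        for m in filter(None, map(LEVEL_RE.match, lines)):
            kind, unit, rising, falling = m.groups()
            # Without a falling threshold, it is the same as the rising one.
            levels[kind] = (unit or "percent", float(rising), float(falling or rising))
        if name.lower().startswith("port-channel"):
            if levels:
                findings.append((name, "storm-control on EtherChannel has no effect"))
            continue
        if not levels:
            findings.append((name, "no storm-control configured"))
        thresholds[name] = levels
    return thresholds, findings
```

Calling `audit(SAMPLE_CONFIG)` returns the threshold table for the physical ports and a findings list that can be reviewed or fed into a compliance report.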