CH A P T E R

43

Configuring Storm Control

This chapter describes how to configure port-based traffic control on the Catalyst 4500 series switch. This chapter consists of these sections:

About Storm Control, page 43-1 Enabling Broadcast Storm Control, page 43-3 Enabling Multicast Storm Control, page 43-4 Disabling Broadcast Storm Control, page 43-5 Disabling Multicast Storm Control, page 43-6 Displaying Storm Control, page 43-6

Note

For complete syntax and usage information for the switch commands used in this chapter, look at the Cisco Catalyst 4500 Series Switch Command Reference and related publications at this location: http://www.cisco.com/en/US/products/hw/switches/ps4324/index.html If the command is not found in the Catalyst 4500 Command Reference, it is located in the larger Cisco IOS library. Refer to the Catalyst 4500 Series Switch Cisco IOS Command Reference and related publications at this location: http://www.cisco.com/en/US/products/ps6350/index.html

About Storm Control

This section contains the following subsections:

Hardware-based Storm Control Implementation, page 43-2 Software-based Storm Control Implementation, page 43-2

Storm control prevents LAN interfaces from being disrupted by a broadcast storm. A broadcast storm occurs when broadcast packets flood the subnet, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation or in the network configuration can cause a broadcast storm.

Software Configuration GuideRelease IOS-XE 3.1.0 SG OL-22250-01

43-1

Chapter 43 About Storm Control

Configuring Storm Control

Note

Storm control and Multicast storm control are supported in hardware on all ports on WS-X4516, WS-X4013+10GE, WS-X4516-10GE, WS-C4948, WS-C4948-10GE, and Supervisor Engine 7-E.

Hardware-based Storm Control Implementation

Broadcast suppression uses filtering that measures broadcast activity in a subnet over a one-second interval and compares the measurement with a predefined threshold. If the threshold is reached, further broadcast activity is suppressed for the duration of the interval. Broadcast suppression is disabled by default. Figure 43-1 shows the broadcast traffic patterns on a LAN interface over a given interval. In this example, broadcast suppression occurs between times T1 and T2 and between T4 and T5. During those intervals, the amount of broadcast traffic exceeded the configured threshold.
Figure 43-1 Storm Control Example - Hardware-based Implementation

The broadcast suppression threshold numbers and the time interval combination make the broadcast suppression algorithm work with different levels of granularity. A higher threshold allows more broadcast packets to pass through. Broadcast suppression on the Catalyst 4500 series switches (including Supervisor Engine 7-E) is implemented in hardware. The suppression circuitry monitors packets passing from a LAN interface to the switching bus. If the packet destination address is broadcast, then the broadcast suppression circuitry tracks the current count of broadcasts within the one-second interval, and when a threshold is reached, it filters out subsequent broadcast packets. Because hardware broadcast suppression uses a bandwidth-based method to measure broadcast activity, the most significant implementation factor is setting the percentage of total available bandwidth that can be used by broadcast traffic. Because packets do not arrive at uniform intervals, the one-second interval during which broadcast activity is measured can affect the behavior of broadcast suppression.

Software-based Storm Control Implementation

When storm control is enabled on an interface, the switch monitors packets received on the interface and determines whether the packets are broadcast. The switch monitors the number of broadcast packets received within a one-second time interval. When the interface threshold is met, all incoming data traffic

Software Configuration GuideRelease IOS-XE 3.1.0 SG

43-2

OL-22250-01

Chapter 43

Configuring Storm Control Enabling Broadcast Storm Control

on the interface is dropped. This threshold is specified as a percentage of total available bandwidth that can be used by broadcast traffic. If the lower threshold is specified, all data traffic is forwarded as soon as the incoming traffic falls below that threshold.

Enabling Broadcast Storm Control

To enable storm control, perform this task: Command
Step 1 Step 2 Step 3
Switch# configure terminal Switch(config)# interface interface-id Switch(config-if)# storm-control broadcast level [high level] [lower level]

Purpose Enters global configuration mode. Enters interface configuration mode and enter the port to configure. Configures broadcast storm control. Specifies the upper threshold levels for broadcast traffic. The storm control action occurs when traffic utilization reaches this level. (Optional) Specifies the falling threshold level. The normal transmission restarts (if the action is filtering) when traffic drops below this level for interfaces that support software-based suppression.
Note

For ports that perform hardware-based suppression, the lower threshold is ignored.

Step 4

Switch(config-if)# storm-control action {shutdown | trap}

Specifies the action to be taken when a storm is detected. The default is to filter out the broadcast traffic and not to send out traps. The shutdown keyword sets the port to error-disable state during a storm. If the recover interval is not set, the port remains in shutdown state.

Step 5 Step 6 Step 7 Step 8

Switch(config-if)# exit Switch(config)# end Switch# show storm-control [interface] broadcast Switch# copy running-config startup-config

Returns to configuration mode. Returns to privileged EXEC mode. Displays the number of packets suppressed. (Optional) Saves your entries in the configuration file.

The following example shows how to enable storm control on interface.

Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface fa3/1 Switch(config-if)# storm-control broadcast level 50 Switch(config-if)# end Switch# show storm-control Interface Filter State Broadcast Multicast Level --------- ------------- --------- --------- ----Fi3/1 Forwarding Enabled Disabled 50.00% Switch# show int fa2/1 capabilities FastEthernet2/1 Model: WS-X4148-RJ45V-RJ-45

Software Configuration GuideRelease IOS-XE 3.1.0 SG OL-22250-01

43-3

Chapter 43 Enabling Multicast Storm Control

Configuring Storm Control

Type: Speed: Duplex: Auto-MDIX: Trunk encap. type: Trunk mode: Channel: Broadcast suppression: Multicast suppression: Flowcontrol: VLAN Membership: Fast Start: CoS rewrite: ToS rewrite: Inline power: SPAN: UDLD: Link Debounce: Link Debounce Time: Port Security: Dot1x: Maximum MTU: Multiple Media Types: Diagnostic Monitoring:

10/100BaseTX 10,100,auto half,full,auto no 802.1Q on,off,desirable,nonegotiate yes percentage(0-100), hw percentage(0-100), hw rx-(none),tx-(none) static, dynamic yes yes yes yes (Cisco Voice Protocol) source/destination yes no no yes yes 1552 bytes (Baby Giants) no N/A\

Note

Supervisor Engine 7-E supports multicast suppression

Enabling Multicast Storm Control

Supervisor Engine 7-E supports per-interface multicast suppression. This allows the user to subject incoming multicast and broadcast traffic on an interface to suppression.

Note

Multicast and broadcast suppression share a common threshold per interface. Multicast suppression takes effect only if broadcast suppression is enabled. Disabling broadcast suppression on an interface also disables multicast suppression. To enable multicast suppression, perform this task:

Command
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6
Switch# configure terminal Switch(config)# interface interface-id

Purpose Enters global configuration mode. Enters interface configuration mode and enter the port to configure. Enables multicast suppression. Returns to configuration mode. Returns to privileged EXEC mode. Verifies the configuration.

Switch(config-if)# storm-control broadcast include multicast Switch(config-if)# exit Switch(config)# end Switch# show storm-control

Software Configuration GuideRelease IOS-XE 3.1.0 SG

43-4

OL-22250-01

Chapter 43

Configuring Storm Control Disabling Broadcast Storm Control

The following example shows how to enable multicast suppression on ports that have broadcast suppression already enabled:
Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# int fa3/1 Switch(config-if)# storm-control broadcast include multicast Switch(config-if)# end Switch# Switch# show storm-control Interface Filter State Broadcast Multicast Level --------- ------------- --------- --------- ----Fi3/1 Forwarding Enabled Enabled 50.00%

Disabling Broadcast Storm Control

To disable storm control, perform this task: Command
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8
Switch# configure terminal Switch(config)# interface

Purpose Enters global configuration mode. interface-id Enters interface configuration mode and enter the port to configure. Disables port storm control. Disables the specified storm control action and returns to default filter action. Returns to configuration mode. Returns to privileged EXEC mode. Verifies your entries. (Optional) Saves your entries in the configuration file.

Switch(config-if)# no storm-control broadcast level Switch(config-if)# no storm-control action {shutdown | trap} Switch(config-if)# exit Switch(config)# end Switch# show storm-control broadcast Switch# copy running-config startup-config

The following example shows how to disable storm control on interface.

Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# int fa3/1 Switch(config-if)# no storm-control broadcast level Switch(config-if)# end

Software Configuration GuideRelease IOS-XE 3.1.0 SG OL-22250-01

43-5

Chapter 43 Disabling Multicast Storm Control

Configuring Storm Control

Switch# show storm-control Interface Filter State Upper --------- ------------- ------Switch#

Lower -------

Current -------

Disabling Multicast Storm Control

To disable multicast suppression, perform this task: Command
Step 1 Step 2 Step 3 Step 4 Step 5
Switch# configure terminal Switch(config)# [no] storm-control broadcast include multicast Switch(config-if)# no storm-control broadcast level Switch(config-if)# end Switch(config)# end

Purpose Enters global configuration mode. Enables/disables multicast suppression. Disables port storm control (broadcast and multicast). Returns to configuration mode. Returns to privileged EXEC mode.

Displaying Storm Control

Note

Use the show interface capabilities command to determine the mode in which storm control is supported on an interface. The following example shows an interface that supports broadcast suppression in software (sw).
Switch# show int fa2/1 capabilities FastEthernet2/1 Model: WS-X4148-RJ45V-RJ-45 Type: 10/100BaseTX Speed: 10,100,auto Duplex: half,full,auto Auto-MDIX: no Trunk encap. type: 802.1Q Trunk mode: on,off,desirable,nonegotiate Channel: yes Broadcast suppression: percentage(0-100), hw Multicast suppression: percentage(0-100), hw Flowcontrol: rx-(none),tx-(none) VLAN Membership: static, dynamic Fast Start: yes CoS rewrite: yes ToS rewrite: yes Inline power: yes (Cisco Voice Protocol) SPAN: source/destination UDLD: yes Link Debounce: no Link Debounce Time: no Port Security: yes Dot1x: yes Maximum MTU: 1552 bytes (Baby Giants) Multiple Media Types: no Diagnostic Monitoring: N/A

Software Configuration GuideRelease IOS-XE 3.1.0 SG

43-6

OL-22250-01

Chapter 43

Configuring Storm Control Displaying Storm Control

Note

Use the show interfaces counters storm-control command to display a count of discarded packets.
Switch# show interfaces counters storm-control Port Broadcast Multicast Level Fa2/1 Enabled Disabled 10.00% Gi3/1 Enabled Enabled 50.00%

TotalSuppressedPackets 46516510 0

The following example shows the output of the show storm-control command:
Switch# show storm-control Interface Filter State Upper --------- ------------- ------Gi4/4 Forwarding 2.00% Switch Lower ------2.00% Current ------N/A

Note

In the previous example, current represents the percentage of traffic suppressed at a given instant, and the value is N/A for ports that perform suppression in hardware.
Switch# show storm-control Interface Filter State Broadcast --------- ------------- --------Fa2/1 Blocking Enabled Gi3/1 Link Down Enabled

Multicast Level --------- ----Disabled 10.00% Enabled 50.00%

Software Configuration GuideRelease IOS-XE 3.1.0 SG OL-22250-01

43-7

Chapter 43 Displaying Storm Control

Configuring Storm Control

Software Configuration GuideRelease IOS-XE 3.1.0 SG

43-8

OL-22250-01