Using Storm Control Filters
© Copyright Lenovo 2016
Excessive transmission of broadcast or multicast traffic can result in a network
storm. A network storm can overwhelm your network with constant broadcast or
multicast traffic, and degrade network performance. Common symptoms of a
network storm are denial‐of‐service (DoS) attacks, slow network response times,
and network operations timing out.
The G8264 provides filters that can limit the number of the following packet types
transmitted by switch ports:
Broadcast packets
Multicast packets
Unknown unicast packets (destination lookup failure)
Unicast packets whose destination MAC address is not in the Forwarding
Database are unknown unicasts. When an unknown unicast is encountered, the
switch handles it like a broadcast packet and floods it to all other ports in the
VLAN (broadcast domain). A high rate of unknown unicast traffic can have the
same negative effects as a broadcast storm.
Configure broadcast filters on each port that requires broadcast storm control. Set a
threshold that defines the total number of broadcast packets transmitted
(0‐2097151), in packets per second. When the threshold is reached, no more packets
of the specified type are transmitted.
To filter broadcast packets on a port, use the following commands:
RS G8264(config)# interface port 1
RS G8264(configif)# stormcontrol broadcast level rate <packets per second>
To filter multicast packets on a port, use the following commands:
RS G8264(configif)# stormcontrol multicast level rate <packets per second>
To filter unknown unicast packets on a port, use the following commands:
RS G8264(configif)# stormcontrol unicast level rate <packets per second>
RS G8264(configif)# exit
Chapter 7: Access Control Lists
139