Default Protocol Storm Protection Configuration; Enabling Protocol Storm Protection - Cisco Catalyst 3560-X Software Configuration Manual
Hide thumbs
Also See for Catalyst 3560-X:
- Command reference manual (1188 pages) ,
- Software configuration manual (1438 pages) ,
- Manual (276 pages)
Table of Contents
Advertisement
Configuring Protocol Storm Protection
Excess packets are dropped on no more than two virtual ports.
Note
Virtual port error disabling is not supported for EtherChannel and Flexlink interfaces
Default Protocol Storm Protection Configuration
Protocol storm protection is disabled by default. When it is enabled, auto-recovery of the virtual port is
disabled by default.
Enabling Protocol Storm Protection
Beginning in privileged EXEC mode, follow these steps to configure protocol storm protection.
Command
Step 1
configure terminal
Step 2
psp {arp | dhcp | igmp} pps value
Step 3
errdisable detect cause psp
Step 4
errdisable recovery interval time
Step 5
end
Step 6
show psp config {arp | dhcp | igmp}
This example shows how to configure protocol storm protection to drop incoming DHCP traffic on
DHCP when it exceeds 35 packets per second.
Switch# configure terminal
Switch(config)# psp dhcp pps 35
To disable protocol storm protection for a specific protocol, use the no psp {arp | dhcp | igmp}
privileged EXEC command.
To disable error-disable detection for protocol storm protection, use the no errdisable detect cause psp
global configuration command.
To manually re-enable an error-disabled virtual port, use the errdisable recovery cause psp global
configuration command.
To disable auto-recovery of error-disabled ports, use the no errdisable recovery cause psp global
configuration command.
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
1-20
Chapter 1
Purpose
Enter global configuration mode.
Configure protocol storm protection for ARP, IGMP, or DHCP.
For value, specify the threshold value for the number of packets per
second. If the traffic exceeds this value, protocol storm protection
is enforced. The range is from 5 to 50 packets per second.
(Optional) Enable error-disable detection for protocol storm
protection. If this feature is enabled, the virtual port is error
disabled. If this feature is disabled, the port drops excess packets
without error disabling the port.
(Optional) Configure an auto-recovery time (in seconds) for
error-disabled virtual ports. When a virtual port is error-disabled,
the switch auto-recovers after this time. The range is from 30 to
86400 seconds.
Return to privileged EXEC mode.
Verify your entries.
Configuring Port-Based Traffic Control
OL-25303-03
Advertisement
Table of Contents
Troubleshooting
