Using Storm Control Filters - Lenovo RackSwitch G8264CS Application Manual

Using Storm Control Filters

130
G8264CS Application Guide for ENOS 8.4
Excessive transmission of broadcast or multicast traffic can result in a network
storm. A network storm can overwhelm your network with constant broadcast or
multicast traffic, and degrade network performance. Common symptoms of a
network storm are denial‐of‐service (DoS) attacks, slow network response times,
and network operations timing out.
The G8264CS provides filters that can limit the number of the following packet
types transmitted by switch ports:
 Broadcast packets
 Multicast packets
 Unknown unicast packets (destination lookup failure)
Unicast packets whose destination MAC address is not in the Forwarding
Database are unknown unicasts. When an unknown unicast is encountered, the
switch handles it like a broadcast packet and floods it to all other ports in the
VLAN (broadcast domain). A high rate of unknown unicast traffic can have the
same negative effects as a broadcast storm.
Configure broadcast filters on each port that requires broadcast storm control. Set a
threshold that defines the total number of broadcast packets transmitted
(0‐2097151), in packets per second. When the threshold is reached, no more packets
of the specified type are transmitted.
To filter broadcast packets on a port, use the following commands:
RS 8264CS(config)# interface port 1
RS 8264CS(config-if)# storm-control broadcast level rate <packets per second>
To filter multicast packets on a port, use the following commands:
RS 8264CS(config-if)# storm-control multicast level rate <packets per second>
To filter unknown unicast packets on a port, use the following commands:
RS 8264CS(config-if)# storm-control unicast level rate <packets per second>
RS 8264CS(config-if)# exit