68
C
3: M
HAPTER
ANAGING
Enabling Storm
Control
D
S
EVICE
ECURITY
Max Entries — Specifies the number of MAC address that can be
■
learned on the port. The Max Entries field is enabled only if Locked is
selected in the Set Port field. In addition, the Limited Dynamic Lock
mode is selected. The field range is 1- 128. The default is 1.
Action on Violation — Defines the action to be applied to packets
■
arriving in single-host mode, from a host whose MAC address is not
the supplicant MAC address. The possible field values are:
Forward — Forwards the packet.
■
Discard — Discards the packets. This is the default value.
■
Shutdown — Discards the packets and shuts down the port. The
■
port remains shut down until reactivated, or until the device is
reset.
Trap — Enables traps when a packet is received on a locked port.
■
Trap Frequency (Sec) — The amount of time (in seconds) between
■
traps. The default value is 10 seconds.
2 Define the fields.
3 Click
. The Port Security settings are modified, and the device is
updated.
Storm control limits the amount of Multicast, Broadcast and Unknown
Unicast frames accepted and forwarded by the device. When Layer 2
frames are forwarded, Broadcast, Multicast and Unknown Unicast frames
are flooded to all ports on the relevant VLAN. This occupies bandwidth,
and loads all nodes on all ports.
A Broadcast Storm is a result of an excessive amount of broadcast
messages simultaneously transmitted across a network by a single port.
Forwarded message responses are heaped onto the network, straining
network resources or causing the network to time out.
Storm control is enabled for all Gigabit ports by defining the packet type
and the rate the packets are transmitted. The system measures the
incoming Broadcast and Multicast frame rates separately on each port,
and discards the frames when the rate exceeds a user-defined rate.