Table of Contents
Advertisement
XG700 User's Guide
4.1.5 Storm Control
The XG700 discards broadcast frames when the number of received broadcast frames is over a given threshold to prevent
unnecessary waste of bandwidth due to retained broad cast frames on the network. This function is called "Storm Control".
For each port, it is possible to configure storm control.
When broadcast frames are discarded by Storm Control, error logs are output, after which storm control logging is disabled. To
re-enabled logging, violations must be cleared with "clear violation".
To configure Storm Control, carry out the following procedures in the administrator EXEC mode.
xg# configure terminal
xg(config)# interface port 1 2 3
xg(config)# interface port range 1 3
xg(config-if)# storm-control
xg(config-if)# exit
xg# exit
4.1.6 Port Security
Port security blocks connections attempted by unregistered hosts. When a host MAC address is registered, the XG700
receives only those frames that use permitted MAC addresses as source address.
For each port, it is possible to configure port security. To register a MAC address for a host, use the "bridge mac-address-table
static". The port to which the host is connected must be registered as a member port. In Independent VLAN Learning mode,
this must be done for all VLANs that permit transmission.
Either of the following two modes can be specified for a security-violating (unregistered) frame the XG700 receives.
−
−
Once a security violation is detected, an error log is recorded. No further detection of a violating frame will cause an error log to
be recorded until security violations are reset by "clear violation".
To configure Port Security, carry out the following procedures in the administrator EXEC mode.
xg# configure terminal
xg(config)# interface port 1 2 3
xg(config)# interface port range 1 3
xg(config-if)# port-security violation
{restrict | shutdown}
xg(config_if)# clear violation
xg(config-if)# exit
xg# exit
4.1.7 Ingress Rate Control
It is possible to set ingress rate limiting value for each port in approximately 40Mbps increments.
To set an ingress rate limiting value, carry out the following procedures in the administrator EXEC mode.
xg# configure terminal
xg(config)# interface port 1 2 3
xg(config)# interface port range 1 3
xg(config-if)# ingress-bandwidth <40-10000>
xg(config-if)# exit
xg# exit
The ingress rate is measured at 100us time intervals. Should burst transfer take place at intervals of 100us or over, the
ingress rate the XG700 actually allows may be less than the specified value.
Command
Restrict mode
Filters violating frames only, forwarding permitted frames.
Shutdown mode
Filters all frames upon reception of a violating frame.
Command
Command
All Rights Reserved, Copyright (C) PFU LIMITED 2005-2006
Switch to global configuration mode.
Switch to the interface edit mode for the port for which you
want to change the flow control mode.
In this example, the global interface configuration mode is
selected for ports 1 though 3.
Enable storm control.
Exit to global configuration mode.
Exit to administrator EXEC mode.
Switch to global configuration mode.
Switch to the interface edit mode for the port for which you
want to change the flow control mode.
In this example, the global interface configuration mode is
selected for ports 1 though 3.
Enable Port Security.
Clear security violations.
Exit to global configuration mode.
Exit to administrator EXEC mode.
Switch to global configuration mode.
Switch to the interface edit mode for the port for which you
want to change the flow control mode.
In this example, the global interface configuration mode is
selected for ports 1 though 3.
Specify an ingress rate limiting value.
Exit to global configuration mode.
Exit to administrator EXEC mode.
28/266
Task
Task
Task
Advertisement
Table of Contents
