Configuring Protected Ports - Cisco WS-CBS3032-DEL Software Configuration Manual

Configuring Protected Ports

Beginning in privileged EXEC mode, follow these steps to configure the threshold level for each
interface:
Command
Step 1 configure terminal
Step 2
errdisable detect cause small-frame
Step 3
errdisable recovery interval interval
Step 4 errdisable recovery cause small-frame
Step 5
interface interface-id
Step 6 small violation-rate pps
Step 7
end
Step 8 show interfaces interface-id
Step 9 copy running-config startup-config
This example shows how to enable the small-frame arrival-rate feature, configure the port recovery time,
and configure the threshold for error disabling a port:
Switch# configure terminal
Switch# errdisable detect cause small-frame
Switch# errdisable recovery cause small-frame
Switch(config)# interface gigabitethernet1/0/1
Switch(config-if)# small-frame violation rate 10000
Switch(config-if)# end
Configuring Protected Ports
Some applications require that no traffic be forwarded at Layer 2 between ports on the same switch so
that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use
of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between
these ports on the switch.
Protected ports have these features:
•
•
Because a switch stack represents a single logical switch, Layer 2 traffic is not forwarded between any
protected ports in the switch stack, whether they are on the same or different switches in the stack.
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
26-6
A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that
is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only
control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU
and forwarded in software. All data traffic passing between protected ports must be forwarded
through a Layer 3 device.
Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
Chapter 26
Purpose
Enter global configuration mode.
Enable the small-frame rate-arrival feature on the switch.
(Optional) Specify the time to recover from the specified
error-disabled state.
(Optional) Configure the recovery time for error-disabled ports to
be automatically re-enabled after they are error disabled by the
arrival of small frames
Enter interface configuration mode, and specify the interface to be
configured.
Configure the threshold rate for the interface to drop incoming
packets and error disable the port. The range is 1 to 10,000 packets
per second (pps)
Return to privileged EXEC mode.
Verify the configuration.
(Optional) Save your entries in the configuration file.
Configuring Port-Based Traffic Control
OL-13270-06