What is Storm Control?
A LAN storm is the result of an excessive number of broadcast, multicast, or
unknown unicast messages simultaneously transmitted across a network by a
single port. Forwarded message responses can overload network resources and
cause network congestion.
The storm control feature allows the switch to measure the incoming
broadcast, multicast, and/or unknown unicast packet rate per port and discard
packets when the rate exceeds the defined threshold. Storm control is enabled
per interface, by defining the packet type and the rate at which the packets
are transmitted. For each type of traffic (broadcast, multicast, or unknown
unicast) you can configure a threshold level, which is expressed as a
percentage of the total available bandwidth on the port. If the ingress rate of
that type of packet is greater than the configured threshold level the port
drops the excess traffic until the ingress rate for the packet type falls below
The actual rate of ingress traffic required to activate storm-control is based on
the size of incoming packets and the hard-coded average packet size of 512
bytes - used to calculate a packet-per-second (pps) rate - as the forwarding-
plane requires PPS versus an absolute rate Kbps. For example, if the
configured limit is 10%, this is converted to ~25000 PPS, and this PPS limit
is set in the hardware. You get the approximate desired output when 512 bytes
packets are used.
What are Protected Ports?
The switch supports up to three separate groups of protected ports. Traffic
can flow between protected ports belonging to different groups, but not
within the same group.
A port can belong to only one protected port group. You must remove an
interface from one group before adding it to another group.
Port protection occurs within a single switch. Protected port configuration
does not affect traffic between ports on two different switches. No traffic
forwarding is possible between two protected ports.
Configuring Port-Based Traffic Control