Configuring storm control on Cisco switch
<yambe:breadcrumb self="Configuring storm control on Cisco switch">Switch configuration notes|Switch configuration notes</yambe:breadcrumb>
Configuring storm control on cisco switch
Configuring storm control on 2950+ switch
For 2950+ switch we can also specify values in percentage rather than packets per second which is very convenient. Also unlike in case of 2912 and 2924 switches there are no default rising and falling values for packets per second set for each type of packet (unicast, broadcast and multicast). In these switches we cannot and need not set actions for all three types of packets separately. We can choose only one action trap, drop or shutdown for all types of storms. The limits however can be set differently for each types of packet per port.
To configure storm control on port 1 such that if more than 20% of port capacity is being used by broadcast or multicast traffic then shut the port. Again like in case of 2912 switches even if put some falling limit the port will not start automatically when storm is over. Administrator must take it out of err-disable state manually by using 'shut' followed by 'no shut' command.
config t interface fastethernet 0/1 storm-control broadcast level 20 10 storm-control multicast level 20 10 storm-control action shutdown
Checking storm control settings
To see current storm control status we can use command
show storm-control broadcast show storm-control multicast
Configuring storm control on 2912, 2924 switch
Enabling storm control
To configure storm control in 2912, 2924 switch we can use following steps:
config t interface fastethernet 0/1 port storm-control broadcast action shutdown
We can also use filter in place of shutdown in action. But shutdown is very effective and works really well. In labs it was found that even with storm-control if action is filter and not shutdown performance is seriously affected.
The default settings are 500 packets per second for broadcast for rising and 250 for falling. Similarly default values are 2500 packets per second for rising and 1200 for falling. In case these values are not acceptable you can adjust this using
port storm-control broadcast threshold rising <new_rising> falling <new_falling>
Limits for all three unicasts, multicasts and broadcasts and even their actions can be defined individually in 2912 and 2924 switches.
Note that unicast limiting has not been found necessary in lab experiments and default values of packets per minute for broadcast and multicast are good enough to protect network from storms without causing problems in legitimate usage.
Checking storm control settings
To see which ports are shut due to storm control because of excess broadcast you can use
show port strom-control broadcast
Similarly for multicast you can use
show port strom-control multicast
Enabling disabled ports
Once the port is shut due to storm control it wont come back up automatically even if traffic is zero. The administrator must manually administratively shutdown and start the port to make it up again. That is do following on port which is shut by storm control
config t interface fastethernet 0/1 shut no shut
<yambe:breadcrumb self="Configuring storm control on Cisco switch">Switch configuration notes|Switch configuration notes</yambe:breadcrumb>