Configuring storm control on Cisco switch


Configuring storm control on 2950+ switch

On 2950+ switches we can also specify values as a percentage rather than in packets per second, which is very convenient. Also, unlike the 2912 and 2924 switches, there are no default rising and falling packets-per-second values set for each type of packet (unicast, broadcast and multicast). On these switches we cannot, and need not, set actions for all three types of packets separately: we can choose only one action (trap, drop or shutdown) for all types of storms. The limits, however, can be set differently for each type of packet per port.

To configure storm control on port 1 so that the port is shut if more than 20% of port capacity is being used by broadcast or multicast traffic, use the commands below. As with the 2912 switches, even if a falling limit is set, the port will not come back up automatically when the storm is over. The administrator must take it out of the err-disable state manually by using the 'shut' command followed by 'no shut'.

config t
interface fastethernet 0/1
storm-control broadcast level 20 10
storm-control multicast level 20 10
storm-control action shutdown


Checking storm control settings

To see the current storm control status we can use the commands

show storm-control broadcast
show storm-control multicast
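
An offline check to complement the show commands, as an added example that is not part of the original notes: this Python script parses a saved configuration in the 2950+ syntax used above and lists ports that lack a broadcast or multicast level, have a falling level above the rising level, or do not use the shutdown action. The sample configuration, the function names and the policy being checked are assumptions made for this example; a level line without a falling value is treated as falling equal to rising.

```python
import re

# Constructed sample in the 2950+ syntax shown above (not output from a real switch).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 storm-control broadcast level 20 10
 storm-control multicast level 20 10
 storm-control action shutdown
!
interface FastEthernet0/2
 storm-control broadcast level 20 10
!
interface FastEthernet0/3
 storm-control broadcast level 10 20
 storm-control multicast level 20
 storm-control action shutdown
!
"""
LEVEL_RE = re.compile(r"storm-control (broadcast|multicast|unicast) level (\S+)(?: (\S+))?$")

def parse_storm_control(config):
    """Map each interface to its (rising, falling) levels per traffic type and its action."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = ports.setdefault(line.split(None, 1)[1], {"levels": {}, "action": None})
        elif not raw.startswith(" "):
            current = None  # "!" or a global command ends the interface block
        elif current is not None:
            m = LEVEL_RE.match(line)
            if m:  # a missing falling value is taken as equal to the rising value
                current["levels"][m.group(1)] = (float(m.group(2)), float(m.group(3) or m.group(2)))
            elif line.startswith("storm-control action "):
                current["action"] = line.split()[-1]
    return ports

def audit(config, required=("broadcast", "multicast")):
    """Return (interface, problem) pairs for ports that deviate from the setup above."""
    findings = []
    for name, port in parse_storm_control(config).items():
        findings += [(name, f"no {kind} level") for kind in required if kind not in port["levels"]]
        findings += [(name, f"{kind} falling {lo:g} > rising {hi:g}")
                     for kind, (hi, lo) in port["levels"].items() if lo > hi]
        if port["action"] != "shutdown":
            findings.append((name, "action is not shutdown"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{name}: {problem}" for name, problem in audit(SAMPLE_CONFIG)))
```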



Configuring storm control on 2912, 2924 switch

Enabling storm control

To configure storm control on a 2912 or 2924 switch we can use the following steps:

config t
interface fastethernet 0/1
port storm-control broadcast action shutdown

We can also use filter in place of shutdown as the action. But shutdown is very effective and works really well. In labs it was found that, even with storm control enabled, performance is seriously affected if the action is filter and not shutdown.

The default settings for broadcast are 500 packets per second for rising and 250 for falling. Similarly, default values are 2500 packets per second for rising and 1200 for falling. In case these values are not acceptable, you can adjust them using

port storm-control broadcast threshold rising <new_rising> falling <new_falling>

Limits for all three types (unicast, multicast and broadcast), and even their actions, can be defined individually on 2912 and 2924 switches.

Note that unicast limiting has not been found necessary in lab experiments, and the default values of packets per minute for broadcast and multicast are good enough to protect the network from storms without causing problems in legitimate usage.


Checking storm control settings

To see which ports are shut by storm control because of excess broadcast traffic you can use

show port storm-control broadcast

Similarly, for multicast you can use

show port storm-control multicast



Enabling disabled ports

Once a port is shut due to storm control it won't come back up automatically, even if traffic is zero. The administrator must manually shut down the port administratively and start it again to bring it back up. That is, do the following on the port which was shut by storm control:

config t
interface fastethernet 0/1
shut
no shut

