Configuring Traffic Storm Control

Information About Traffic Storm Control

A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on Ethernet interfaces by a broadcast or multicast traffic storm.

Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast or multicast traffic over a 10-microsecond interval. During this interval, the traffic level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends.

The following figure shows the broadcast traffic patterns on an Ethernet interface during a specified time interval. In this example, traffic storm control occurs between times T1 and T2 and between T4 and T5. During those intervals, the amount of broadcast traffic exceeded the configured threshold.

Figure 1. Broadcast Suppression

The traffic storm control threshold numbers and the time interval allow the traffic storm control algorithm to work with different levels of packet granularity. For example, a higher threshold allows more packets to pass through.

Traffic storm control is implemented in the hardware. The traffic storm control circuitry monitors packets that pass from an Ethernet interface to the switching bus. Using the Individual/Group bit in the packet destination address, the circuitry determines if the packet is broadcast, tracks the current count of packets within the 10-microsecond interval, and filters out subsequent packets when a threshold is reached.

Cisco Nexus N3548 Series switches support aggregation mode on traffic storm control. In Cisco NX-OS, the traffic types are configured in line rate by default. When the broadcast and multicast storm control is enabled, the traffic is filtered according to the rate configured for each levels. However, in aggregation mode, all traffic types including unicast, multicast, and broadcast are filtered according to the rate configured at the port level.

Traffic storm control uses a bandwidth-based method to measure traffic. You set the percentage of total available bandwidth that the controlled traffic can use. Because packets do not arrive at uniform intervals, the 10-microsecond interval can affect the operation of traffic storm control.

The following are examples of how traffic storm control operation is affected:

  • If you enable broadcast traffic storm control, and broadcast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all exceeding broadcast traffic until the end of the interval.

  • If you enable multicast traffic storm control, and the multicast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all exceeding multicast traffic until the end of the interval.

  • If you enable broadcast and multicast traffic storm control, and broadcast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all exceeding broadcast traffic until the end of the interval.

  • If you enable broadcast and multicast traffic storm control, and multicast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all exceeding multicast traffic until the end of the interval.

By default, Cisco NX-OS takes no corrective action when traffic exceeds the configured level.

Guidelines and Limitations for Traffic Storm Control

When configuring the traffic storm control level, follow these guidelines and limitations:

  • Egress multicast storm control is not supported.

  • You can configure traffic storm control on a port-channel interface.

  • Specify the level as a percentage of the total interface bandwidth:

    • The level can be from 0 to 100.

    • The optional fraction of a level can be from 0 to 99.

    • 100 percent means no traffic storm control.

    • 0.0 percent suppresses all traffic.

  • There are local link and hardware limitations that prevent storm-control drops from being counted separately. Instead, storm-control drops are counted with other drops in the indiscards counter.

  • Because of hardware limitations and the method by which packets of different sizes are counted, the level percentage is an approximation. Depending on the sizes of the frames that make up the incoming traffic, the actual enforced level might differ from the configured level by several percentage points.

  • Unicast and broadcast storm control is currently available for both Cisco Nexus N3548 Series switches and Cisco Nexus N3548-X Series switches.

  • Enabling port level storm control forces aggregation mode that filters unicast, broadcast, and multicast traffic.

  • Enabling port level storm control, filters all types of traffic such as multicast, broadcast, unicast. Unicast traffic both known and unknown is filtered only when there is MC / BC traffic along with UC traffic, and the rate of MC/BC traffic exceeds configured port storm control level, until the overall traffic rate falls below the storm-control level. In other words, port level storm-control will not filter unicast traffic when there is just unicast traffic on the link or MC/BC traffic on the link is within the configured storm-control level.

  • Configuring storm control values at the port level overrides multicast and broadcast rate limit values limiting all the traffic to a single traffic threshold.

    • Port level storm control uses multicast rate limit values.

    • A traffic threshold fraction value that is less than 10 is rounded off to 0 and that information is displayed as a warning message. The round off value is based on port speed of 0.9 for 10G port, 89 for 1G port and 3 for 40G ports.

  • If multicast is enabled and you disable the port level storm control, the multicast values continue to function at a value that is configured at the port level.

  • If multicast is disabled and you disable the port level storm control, the multicast values and the registries get reset.

Configuring Traffic Storm Control

You can set the percentage of total available bandwidth that the controlled traffic can use.


Note


Traffic storm control uses a 10-microsecond interval that can affect the operation of traffic storm control.


Procedure

  Command or Action Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# interface {ethernet slot/port | port-channel number}

Enters interface configuration mode.

Step 3

switch(config-if)# [no] storm-control [broadcast | multicast] level percentage[.fraction]

Configures traffic storm control for traffic on the interface. The default state is disabled.

Example

This example shows how to configure traffic storm control for port channels 122 and 123:

switch# configure terminal
switch(config)# interface port-channel 122, port-channel 123
switch(config-if-range)# storm-control multicast level 66.75
switch(config-if-range)# storm-control broadcast level 66.75
switch(config-if-range)# 

Verifying the Traffic Storm Control Configuration

Use the following commands to display traffic storm control configuration information:

Command

Purpose

show interface [ethernet slot/port | port-channel number] counters storm-control

Displays the traffic storm control configuration for the interfaces.

show running-config interface

Displays the traffic storm control configuration.

Traffic Storm Control Example Configuration

This example shows how to configure traffic storm control:

switch# configure terminal
switch(config)# interface ethernet 1/4
switch(config-if)# storm-control broadcast level 40
switch(config-if)# storm-control multicast level 40

Default Settings for Traffic Storm Control

The following table lists the default settings for traffic storm control parameters.

Table 1. Default Traffic Storm Control Parameters

Parameters

Default

Traffic storm control

Disabled

Threshold percentage

100