Configuring Traffic Storm Control

Available Languages

Download Options

  • PDF     (1.2 MB)
    View with Adobe Reader on a variety of devices
Updated:July 29, 2013

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Configuring Traffic Storm Control

Configuring Traffic Storm Control

This topic describes how to configure the Traffic Storm Control feature on a Cisco ASR 1000 Series Aggregated Services Router.

Understanding Traffic Storm Control

A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. The Traffic Storm Control feature prevents LAN ports from being disrupted by a broadcast, multicast, or unicast traffic storm on physical interfaces.

On a Cisco ASR 1000 Series Aggregated Services Router, you can configure a bits per second policer committed information rate (CIR) on a service instance for broadcast, multicast, or unknown unicast traffic. The Hardware Assistant Policer Engine ensures that the rate does not exceed the configured policer rate. When the traffic exceeds the configured rate, packets are dropped to control the traffic.


Note

Traffic storm control is disabled by default.

Prerequisites for Configuring Traffic Storm Control

Ensure that you configure separate storm control policers for each of the broadcast, multicast, and unknown unicast traffic types. Traffic types that do not have a configured policer will not be traffic controlled. For example, multicast traffic will not be traffic controlled if you do not configure a storm control policer for it.

Configuring Traffic Storm Control

Perform the following steps to configure traffic storm control:

SUMMARY STEPS

    1.    interface {{type slot/port} | {port-channel number}}

    2.    no ip address

    3.    negotiation auto

    4.    service instance id ethernet

    5.    encapsulation dot1q vlan-id

    6.    storm-control {{unicast | broadcast | multicast} cir cir-value }

    7.    bridge-domain bridge-id

    8.    end


DETAILED STEPS
      Command or Action Purpose
    Step 1 interface {{type slot/port} | {port-channel number}}


    Example:
    Router(config)# interface GigabitEthernet 0/0/0
     

    Selects an interface to configure.

     
    Step 2 no ip address


    Example:
    Router(config-if)# no ip address
     

    Disables IP address processing.

     
    Step 3 negotiation auto


    Example:
    Router(config-if)# negotiation auto
     

    Enables advertisement of speed, duplex mode, and flow control on a Gigabit Ethernet interface.

     
    Step 4 service instance id ethernet


    Example:
    Router(config-if)# service instance 1 ethernet
     

    Configures an Ethernet service instance on an interface and enters the Ethernet service configuration mode.

     
    Step 5 encapsulation dot1q vlan-id


    Example:
    Router(config-if-srv)# encapsulation dot1q 1-4094
     

    Defines the matching criteria to be used in order to map ingress dot1q frames on an interface with the appropriate service instance.

     
    Step 6 storm-control {{unicast | broadcast | multicast} cir cir-value }


    Example:
    Router(config-if-srv)# storm-control unicast cir 8000
Router(config-if-srv)# storm-control broadcast cir 1500000
Router(config-if-srv)# storm-control multicast cir 980000000
     

    Sets the storm control rate for unicast, broadcast, or multicast.

     
    Step 7 bridge-domain bridge-id


    Example:
    Router(config-if-srv)# bridge-domain 1
     

    Binds the service instance to a bridge domain instance where bridge-id is the identifier.

     
    Step 8 end
     

    Exits the configuration mode.

     

    Examples

    The following example shows how to configure storm control rates for unicast, broadcast, and multicast traffic:

    Router(config)# interface GigabitEthernet0/0/0
Router(config-if)# no ip address
Router(config-if)# negotiation auto
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 1-4094
Router(config-if-srv)# storm-control unicast cir 8000
Router(config-if-srv)# storm-control broadcast cir 1500000
Router(config-if-srv)# storm-control multicast cir 980000000
Router(config-if-srv)# bridge-domain 1

    Use the show ethernet service instance id 1 interface GigabitEthernet 0/0/0 stats command to view the storm control statistics.

    Router# show ethernet service instance id 1 interface GigabitEthernet0/0/0 stats

Port maximum number of service instances: 8000
Service Instance 1, Interface GigabitEthernet0/0/0
   Pkts In   Bytes In   Pkts Out  Bytes Out
         0          0          0          0

StormControl Discard Pkts:
   Broadcast   Multicast   Unknown Unicast
        0          0          0

    Use the show platform software ethernet fp active efp id 1 interface GigabitEthernet0/0/0 command to view the Ethernet Flow Point (EFP) information in slot 1 of a Cisco ASR 1000 Series Aggregation Services Router.

    Router# show platform software ethernet fp active efp id 1 interface GigabitEthernet0/0/0

Forwarding Manager Ethernet Flow Points

EFP: ID: 1, DPIDB: 0x1020010, Data Type: static
     Interface: 8 (GigabitEthernet0/0/0)
     QFPIDX: 21
     QFPifname: GigabitEthernet0/0/0.EFP1
  State: AdminDown, Priority: 10
  First tag encap: dot1q, vlan-type: 0x8100
        vlan list: 1-4094
  DOT1AD Port Type: UNI
  Storm ctrl u_cir: 8000, m_cir: 980000000, b_cir: 1500000
  Bridge-domain: 1, Split-Horizon: None
    MAC-limit: 65536

    Configuring a Traffic Storm Control CIR

    Use the storm-control {broadcast|unicast|multicast [cos <value>] cir <value> command to configure the traffic storm control CIR for a Class of Service (CoS) and an address type. If you do not specify the CoS, but specify a CIR value, the default value for all the CoSs that are not specified will be an aggregate of the specified CIR. For example, in the following configuration, CIR 20000 will be the default CIR value for CoS 0,3,4,5, and 6 for the broadcast MAC address:

    Router(config)# interface gig 2/0
Router(config)# service instance 100 ethernet
Router(config-if)# storm-control broadcast cir 20000
Router(config-if)# storm-control broadcast cos 1 cir 10000
Router(config-if)# storm-control broadcast cos 2 cir 15000
Router(config-if)# storm-control broadcast cos 7 cir 15000

    Note

    Ensure that you configure the default CIR first before configuring the per CoS CIR. If the default CIR is not configured, the cos keyword will be disabled from the CLI. Before deleting the default CIR, ensure that you remove all per-CoS CIRs for the same address type.

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products