Contents

Configuring Traffic Storm Control

This chapter contains the following sections:

Information About Traffic Storm Control

A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on Ethernet interfaces by a broadcast, multicast, or unknown unicast traffic storm.

Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast, multicast, and unicast traffic over a 10-microsecond interval. During this interval, the traffic level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends.

The following figure shows the broadcast traffic patterns on an Ethernet interface during a specified time interval. In this example, traffic storm control occurs between times T1 and T2 and between T4 and T5. During those intervals, the amount of broadcast traffic exceeded the configured threshold.

Figure 1. Broadcast Suppression



The traffic storm control threshold numbers and the time interval allow the traffic storm control algorithm to work with different levels of packet granularity. For example, a higher threshold allows more packets to pass through.

Traffic storm control on the Cisco Nexus 3000 Series switch is implemented in the hardware. The traffic storm control circuitry monitors packets that pass from an Ethernet interface to the switching bus. Using the Individual/Group bit in the packet destination address, the circuitry determines if the packet is unicast or broadcast, tracks the current count of packets within the 10-microsecond interval, and filters out subsequent packets when a threshold is reached.

Traffic storm control uses a bandwidth-based method to measure traffic. You set the percentage of total available bandwidth that the controlled traffic can use. Because packets do not arrive at uniform intervals, the 10-microsecond interval can affect the operation of traffic storm control.

The following are examples of how traffic storm control operation is affected:

  • If you enable broadcast traffic storm control, and broadcast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all broadcast traffic until the end of the interval.

  • If you enable multicast traffic storm control, and the multicast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all multicast traffic until the end of the interval.

  • If you enable broadcast and multicast traffic storm control, and broadcast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all broadcast traffic until the end of the interval.

  • If you enable broadcast and multicast traffic storm control, and multicast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all multicast traffic until the end of the interval.

By default, Cisco NX-OS takes no corrective action when the traffic exceeds the configured level.

Guidelines and Limitations for Traffic Storm Control

When configuring the traffic storm control level, follow these guidelines and limitations:

  • You can configure traffic storm control on a port-channel interface.

  • Specify the level as a percentage of the total interface bandwidth:

    • The level can be from 0 to 100.

    • The optional fraction of a level can be from 0 to 99.

    • 100 percent means no traffic storm control.

    • 0.0 percent suppresses all traffic.

  • There are local link and hardware limitations that prevent storm-control drops from being counted separately. Instead, storm-control drops are counted with other drops in the indiscards counter.

  • Because of hardware limitations and the method by which packets of different sizes are counted, the level percentage is an approximation. Depending on the sizes of the frames that make up the incoming traffic, the actual enforced level might differ from the configured level by several percentage points.

  • Due to a hardware limitation, the output for the show interface counters storm-control command does not show any value for the total suppressed discards (TotalSuppDiscards) when storm control is configured and the interface is actually suppressing some traffic. Packet drops due to storm control are counted in the input discard counter.

Configuring Traffic Storm Control

You can set the percentage of total available bandwidth that the controlled traffic can use.


Note

Traffic storm control uses a 10-microsecond interval that can affect the operation of traffic storm control.

Procedure
     Command or ActionPurpose
    Step 1 switch# configure terminal
     

    Enters configuration mode.

     
    Step 2 switch(config)# interface {ethernet slot/port | port-channel number}
     

    Enters interface configuration mode.

     
    Step 3 switch(config-if)# storm-control {broadcast | multicast | unicast} level percentage[.fraction]
     

    Configures traffic storm control for traffic on the interface. The default state is disabled.

     

    This example shows how to configure unicast traffic storm control for Ethernet interface 1/4: 

    switch# configure terminal

    switch(config)# interface ethernet 1/4

    switch(config-if)# storm-control unicast level 40

    Verifying Traffic Storm Control Configuration

    To display traffic storm control configuration information, perform one of these tasks:

    Command

    Purpose

    switch# show interface [ethernet slot/port | port-channel number] counters storm-control

    Displays the traffic storm control configuration for the interfaces.

    Note   

    Traffic storm control uses a 10-microsecond interval that can affect the operation of traffic storm control.

    switch# show running-config interface

    Displays the traffic storm control configuration.

    Traffic Storm Control Example Configuration

    The following example shows how to configure traffic storm control: 

    switch# configure terminal

    switch(config)# interface ethernet 1/4

    switch(config-if)# storm-control broadcast level 40

    switch(config-if)# storm-control multicast level 40

    switch(config-if)# storm-control unicast level 40

    Default Traffic Storm Settings

    The following table lists the default settings for traffic storm control parameters.

    Table 1  Default Traffic Storm Control Parameters

    Parameters

    Default

    Traffic storm control

    Disabled

    Threshold percentage

    100

    Configuring Traffic Storm Control

    Configuring Traffic Storm Control

    This chapter contains the following sections:

    Information About Traffic Storm Control

    A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on Ethernet interfaces by a broadcast, multicast, or unknown unicast traffic storm.

    Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast, multicast, and unicast traffic over a 10-microsecond interval. During this interval, the traffic level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends.

    The following figure shows the broadcast traffic patterns on an Ethernet interface during a specified time interval. In this example, traffic storm control occurs between times T1 and T2 and between T4 and T5. During those intervals, the amount of broadcast traffic exceeded the configured threshold.

    Figure 1. Broadcast Suppression



    The traffic storm control threshold numbers and the time interval allow the traffic storm control algorithm to work with different levels of packet granularity. For example, a higher threshold allows more packets to pass through.

    Traffic storm control on the Cisco Nexus 3000 Series switch is implemented in the hardware. The traffic storm control circuitry monitors packets that pass from an Ethernet interface to the switching bus. Using the Individual/Group bit in the packet destination address, the circuitry determines if the packet is unicast or broadcast, tracks the current count of packets within the 10-microsecond interval, and filters out subsequent packets when a threshold is reached.

    Traffic storm control uses a bandwidth-based method to measure traffic. You set the percentage of total available bandwidth that the controlled traffic can use. Because packets do not arrive at uniform intervals, the 10-microsecond interval can affect the operation of traffic storm control.

    The following are examples of how traffic storm control operation is affected:

    • If you enable broadcast traffic storm control, and broadcast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all broadcast traffic until the end of the interval.

    • If you enable multicast traffic storm control, and the multicast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all multicast traffic until the end of the interval.

    • If you enable broadcast and multicast traffic storm control, and broadcast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all broadcast traffic until the end of the interval.

    • If you enable broadcast and multicast traffic storm control, and multicast traffic exceeds the level within the 10-microsecond interval, traffic storm control drops all multicast traffic until the end of the interval.

    By default, Cisco NX-OS takes no corrective action when the traffic exceeds the configured level.

    Guidelines and Limitations for Traffic Storm Control

    When configuring the traffic storm control level, follow these guidelines and limitations:

    • You can configure traffic storm control on a port-channel interface.

    • Specify the level as a percentage of the total interface bandwidth:

      • The level can be from 0 to 100.

      • The optional fraction of a level can be from 0 to 99.

      • 100 percent means no traffic storm control.

      • 0.0 percent suppresses all traffic.

    • There are local link and hardware limitations that prevent storm-control drops from being counted separately. Instead, storm-control drops are counted with other drops in the indiscards counter.

    • Because of hardware limitations and the method by which packets of different sizes are counted, the level percentage is an approximation. Depending on the sizes of the frames that make up the incoming traffic, the actual enforced level might differ from the configured level by several percentage points.

    • Due to a hardware limitation, the output for the show interface counters storm-control command does not show any value for the total suppressed discards (TotalSuppDiscards) when storm control is configured and the interface is actually suppressing some traffic. Packet drops due to storm control are counted in the input discard counter.

    Configuring Traffic Storm Control

    You can set the percentage of total available bandwidth that the controlled traffic can use.


    Note

    Traffic storm control uses a 10-microsecond interval that can affect the operation of traffic storm control.

    Procedure
       Command or ActionPurpose
      Step 1 switch# configure terminal
       

      Enters configuration mode.

       
      Step 2 switch(config)# interface {ethernet slot/port | port-channel number}
       

      Enters interface configuration mode.

       
      Step 3 switch(config-if)# storm-control {broadcast | multicast | unicast} level percentage[.fraction]
       

      Configures traffic storm control for traffic on the interface. The default state is disabled.

       

      This example shows how to configure unicast traffic storm control for Ethernet interface 1/4: 

      switch# configure terminal

      switch(config)# interface ethernet 1/4

      switch(config-if)# storm-control unicast level 40

      Verifying Traffic Storm Control Configuration

      To display traffic storm control configuration information, perform one of these tasks:

      Command

      Purpose

      switch# show interface [ethernet slot/port | port-channel number] counters storm-control

      Displays the traffic storm control configuration for the interfaces.

      Note   

      Traffic storm control uses a 10-microsecond interval that can affect the operation of traffic storm control.

      switch# show running-config interface

      Displays the traffic storm control configuration.

      Traffic Storm Control Example Configuration

      The following example shows how to configure traffic storm control: 

      switch# configure terminal

      switch(config)# interface ethernet 1/4

      switch(config-if)# storm-control broadcast level 40

      switch(config-if)# storm-control multicast level 40

      switch(config-if)# storm-control unicast level 40

      Default Traffic Storm Settings

      The following table lists the default settings for traffic storm control parameters.

      Table 1  Default Traffic Storm Control Parameters

      Parameters

      Default

      Traffic storm control

      Disabled

      Threshold percentage

      100