Allied Telesis C613-02013-00 manual Packet Storm Protection

Page 32

32

Rapier Switch User Guide

Packet Storm Protection

The packet storm protection feature allows the user to set limits on the reception rate of broadcast, multicast and destination lookup failure packets. The software allows separate limits to be set for each port, beyond which each of the different packet types are discarded. The software also allows separate limits to be set for each of the packet types. Which of these options can be implemented depends on the model of switch hardware.

By default, packet storm protection is set to NONE, that is, disabled. It can be enabled, and each of the limits can be set using the command:

SET SWITCH PORT=port-list[BCLIMIT={NONElimit}] [DLFLIMIT={NONElimit}] [MCLIMIT={NONElimit}]

For the Rapier 16 and 24-port switches, packet storm protection limits cannot be set for each individual port on the switch, but can be set for each processing block of ports. The processing blocks are sets of 8 ports (e.g. as many as are applicable of ports 1-8, 9-16 and 17-24) and each uplink port is a further processing block. Therefore, a 16-port switch has four processing blocks and a 24-port switch has five. The two uplink ports are numbered sequentially after the last port, and therefore are 17 and 18 for a 16-port, 25 and 26 for a 24-port switch. Only one limit can be set per processing block, and then applies to all three packet types. Thus each of the packet types are either limited to this value, or unlimited (NONE).

For the Rapier G6 series switches, each port is a processing block, and therefore packet storm protection limits can be set for each port individually.

The BCLIMIT parameter specifies a limit on the rate of reception of broadcast packets for the port(s). The value of this parameter represents a per second rate of packet reception above which packets will be discarded, for broadcast packets. If the value NONE or 0 is specified, then packet rate limiting for broadcast packets is turned off. If any other value is specified, the reception of broadcast packets will be limited to that number of packets per second. See the note below for important information about packet rate limiting. The default value for this parameter is NONE.

The DLFLIMIT parameter specifies a limit on the rate of reception of destination lookup failure packets for the port. The value of this parameter represents a per second rate of packet reception above which packets will be discarded, for destination lookup failure packets. If the value NONE or 0 is specified, then packet rate limiting for destination lookup failure packets is turned off. If any other value is specified, the reception of destination lookup failure packets will be limited to that number of packets per second. See the note after the BCLIMIT parameter description for important information about packet rate limiting. The default value for this parameter is NONE. If packet storm protection limits are set on the switch, the PORT parameter must specify complete processing blocks.

A destination lookup failure packet is one for which the switch hardware does not have a record of the destination address of the packet, either Layer 2 or Layer 3 address. These packets are passed to the CPU for further processing, so limiting the rate of reception of these packets may be a desirable feature to improve system performance.

The MCLIMIT parameter specifies a limit on the rate of reception of multicast packets for the port. The value of this parameter represents a per second rate of packet reception above which packets will be discarded, for multicast packets.

Rapier Switch Software Release 2.2.1 C613-02013-00 Rev A

Page 31 Page 33
Image 32
Page 31 Page 33
Contents User Guide Page Contents Documentation Roadmap Why Read This User Guide? ChapterWhere To Find More Information Technical supportWhat Can the Rapier Switch Do? Switching FeaturesRouting Features Advanced Feature Licence AT-RPFL3Upgrade Optional Features Simple Switching Command Line InterfaceGiving the Switch an IP Address Entering CommandsSET Password LoggingEnabling the GUI Enable AT-RPFL3Upgrade Feature LicenceEnable GUI Graphical User Interface Starting the GUINavigating Monitoring Show File User PrivilegesFile Subsystem Online CLI Help Show SystemConfiguration Scripts Saving Configuration Entered with the GUIDram NoneSaving Configuration Entered with the CLI EditorInstall Information Delete Install Show InstallReleases and Patches into the Switch Example Install Software Upgrade for Rapier Switch Load METHOD=HTTP DESTINATION=FLASHShow Load Enable SnmpSnmp and MIBs Enable Snmp Authenticatetrap Show SnmpSwitch Ports Enabling and Disabling Switch PortsEnabled ISO8802-3 CsmacdOFF STPAutonegotiation of Port Speed and Duplex Mode Acceptable Frames TypesPort Trunking SELECT=MACSRCMACDESTMACBOTHIPSRCIPDESTIPBOTHShow VLAN=ALL Packet Storm Protection Port Mirroring ADD Switch L3FILTER Match Enable Switch Mirror Disable Switch MirrorINTRUSIONACTION=NONEDISCARDTRAPDISABLE Port securityExample output from the Show Switch Port Intrusion command Virtual LANsRapier Switch User Guide Static and dynamic VLANs Creating VLANs Without Vlan TagsMarketing Vlan Switch Training Vlan Garp Trunk portsVlan Tagging Parameter MeaningFRAME=TAGGEDUNTAGGED Summary of Vlan Tagging Rules Tagged VLANsIngress Rules Layer 2 Switching ProcessGeneric Vlan Registration Protocol Gvrp Disable Switch Learning Learning ProcessEnable Switch Learning Enable Switch Ageingtimer Disable Switch AgeingtimerSET Switch AGEINGTIMER=10..1000000 Show SwitchExample output from the Show Switch Filter command Layer 2 FilteringEgress Rules FRAME=UNTAGGEDTAGGEDShow Switch QOS Quality of ServiceSET Switch QOS=P1,P2,P3,P4,P5,P6,P7,P8 Spanning Tree Protocol STP Spanning Tree Port StatesConfiguring STP SET STP=stpnameALL PRIORITY=0..65535 Example output from the Show STP command Parameters To display STP port information, use the command To show STP counters, use the command TCN BpduInterfaces to Layer 3 Protocols Igmp SnoopingPurge STP INTERFACE=VLAN3Show IP Igmp Enable IP Igmp Disable IP IgmpSET IP Igmp TIMEOUT=1..65535 QUERYINTERVAL=1..65535 Triggers Group ListEvent Page Internet Protocol IP Show IP InterfaceIP Multicasting Routing Information Protocol RIPUplink Novell IPXShow IPX Circuit Enable Rsvp AppleTalkResource Reservation Protocol Rsvp ActiveShow Rsvp Interface RAW

C613-02013-00 specifications

The Allied Telesis C613-02013-00 is a versatile and powerful network switch designed to meet the demands of modern networking environments. This device is part of Allied Telesis's extensive range of networking solutions, catering to both enterprise and industrial applications. It is engineered for high performance, reliability, and ease of management, making it a suitable choice for organizations that require robust connectivity solutions.

One of the main features of the C613-02013-00 is its support for advanced Layer 2 switching capabilities. This provides businesses with the necessary tools to manage and direct network traffic efficiently. The switch includes support for VLAN (Virtual Local Area Network) technology, which allows for the segmentation of network traffic, enhancing both security and performance. With VLANs, organizations can isolate critical workloads and improve network management while ensuring that sensitive information is protected from unauthorized access.

Another key characteristic of the C613-02013-00 is its extensive support for Power over Ethernet (PoE). This feature enables the switch to deliver electrical power along with data over standard Ethernet cabling. This is particularly beneficial for powering devices such as IP cameras, wireless access points, and VoIP phones, reducing the need for additional power supply infrastructure. With PoE capabilities, the switch simplifies installation and enhances flexibility in deploying network devices.

The C613-02013-00 also boasts advanced network management features, including support for SNMP (Simple Network Management Protocol) for efficient monitoring and troubleshooting. This ensures that network administrators can maintain optimal performance and quickly address any issues that arise. Additionally, the switch supports network redundancy features like Rapid Spanning Tree Protocol (RSTP), which helps to prevent network loops and minimizes downtime.

In terms of physical characteristics, the C613-02013-00 is designed for durability and ease of deployment in various environments. Its compact form factor allows for effective space utilization in data centers and network closets. Moreover, it features a fanless design, making it suitable for deployment in noise-sensitive environments such as offices and classrooms.

In summary, the Allied Telesis C613-02013-00 is a robust network switch offering advanced features such as Layer 2 switching, PoE support, and comprehensive network management capabilities. Its design and performance make it an excellent choice for businesses seeking to enhance their network infrastructure with reliable and secure connectivity solutions.
Top Page Image Contents