Chapter 26 Configuring Port-Based Traffic Control

Configuring Protected Ports

 

Command

Purpose

Step 6

 

 

show storm-control [interface-id] [broadcast

Verify the storm control suppression levels set on the interface for

 

multicast unicast]

the specified traffic type. If you do not enter a traffic type,

 

 

broadcast storm control settings are displayed.

Step 7

 

 

copy running-config startup-config

(Optional) Save your entries in the configuration file.

 

 

 

To disable storm control, use the no storm-control{broadcast multicast unicast} level interface configuration command.

This example shows how to enable unicast storm control on a port with an 87-percent rising suppression level and a 65-percent falling suppression level:

Switch# configure terminal

Switch(config)# interface gigabitethernet1/0/1

Switch(config-if)#storm-control unicast level 87 65

This example shows how to enable broadcast address storm control on a port to a level of 20 percent. When the broadcast traffic exceeds the configured level of 20 percent of the total available bandwidth of the port within the traffic-storm-control interval, the switch drops all broadcast traffic until the end of the traffic-storm-control interval:

Switch# configure terminal

Switch(config)# interface gigabitethernet1/0/1

Switch(config-if)#storm-control broadcast level 20

Configuring Protected Ports

Some applications require that no traffic be forwarded at Layer 2 between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.

Protected ports have these features:

A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.

Forwarding behavior between a protected port and a nonprotected port proceeds as usual.

Because a switch stack represents a single logical switch, Layer 2 traffic is not forwarded between any protected ports in the switch stack, whether they are on the same or different switches in the stack.

These sections contain this configuration information:

Default Protected Port Configuration, page 26-5

Protected Port Configuration Guidelines, page 26-6

Configuring a Protected Port, page 26-6

Default Protected Port Configuration

The default is to have no protected ports defined.

Catalyst 3750-E and 3560-E Switch Software Configuration Guide

 

OL-9775-02

26-5

 

 

 

Page 601
Image 601
Cisco Systems 3750E manual Configuring Protected Ports, Default Protected Port Configuration, Multicast unicast, 26-5