15-3
Cisco Systems IntelligentGigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter15 Configuring Port-Based Tra ffic Control
Configuring Protected Ports
To disable storm control, use the no storm-control broadcast level, the no storm-control multicast
level, or the no storm-control unicast level interface configuration command.
This example shows how to enable broadcast address storm control on a port to a level of 20 percent.
When the broadcast traffic exceeds the configured level of 20 percent of the available bandwidth of the
port within the traffic-storm-control interval, the switch drops all broadcast traffic until the end of the
traffic-storm-control interval:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/17
Switch(config-if)# storm-control broadcast level 20
If you configure the action to be taken when a packet storm is detected as shutdown (the port is
error-disabled during a storm), you must use the no shutdown interface configuration command to bring
the interface out of this state. If you do not specify the shutdown action, specify the action as trap (the
switch generates a trap when a storm is detected).
Configuring Protected Ports
Some applications require that no traffic be forwarded between ports on the same switch so that one
neighbor does not see the traffic generated by another neighbor. In such an environment, the use of
protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these
ports on the switch.
Protected ports have these features:
A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that
is also a protected port. Data traffic cannot be forwarded bet ween protected ports at Layer 2; only
control traffic, such as PIM packets, is forwarded because these packets ar e processed by the CPU
and forwarded in software. All data traffic passing between protected po rts must be forwarded
through a Layer 3 device.
Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
Protected ports are supported on IEEE 802.1Q trunks.
The default is to have no protected ports defined.
You can configure protected ports on a physical interface or an EtherChannel group. When you enable
protected ports for a port channel, it is enabled for all ports in the port-channel group.
Step4 storm-control action {shutdown | trap} Specify the action to be taken when a storm is detected. The default
is to filter out the traffic and not to send traps.
Select the shutdown keyword to error-disable the port during a
storm.
Select the trap keyword to generate an SNMP trap when a storm
is detected.
Step5 end Return to privileged EXEC mode.
Step6 show storm-control [interface] [{broadcast
| history | multicast | unicast}]
Verify your entries.
Step7 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose