[c-nsp] recommendations for ARP CoPP

Matt Buford matt at overloaded.net
Thu Jan 5 14:04:30 EST 2006


> Now, I'm wondering what a "best practice" for ARP rate-limiting on the
> Sup720 is.
>
> The goal is:
>
> - whatever the customers do, the box has to stay up -- so anything that
>   causes CPU saturation and subsequent routing protocol keepalive issues
>   is "bad".  Which is why we have CoPP in the first place (and it works
>   very well - thank you, Cisco folks! - no CPU issues of any kind here)
>
> - but an ARP storm on one VLAN interface should not - if possible at
>   all - starve out ARP requests on *other* VLANs.
>
> is there any way to achieve this?
>
> How do "you other Sup720 users" out there handle ARP and CoPP?

I approach the problem from another angle, and enable broadcast storm 
control on customer ports.  Each customer is individually limited, that way 
one person flooding doesn't drop everyone else in the rate limit too.

I'm using almost exclusively 6500 switches, and the 6248 10/100 cards 
support this, however the 6148 10/100/1000 cards do not.  :(

Of course, not all ARPs are broadcast - but the looped ones you're seeing 
likely are. 
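The trade-off described above, as an added example that is not part of the original post: a simplified token-bucket model (an assumption, not the Sup720's actual policer or storm-control hardware) comparing a single shared CoPP ARP policer with per-port broadcast limits in front of it. Port names, rates and traffic are constructed.

```python
import random

class TokenBucket:
    """Simplified policer: `rate` packets/s with a `burst`-packet allowance."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the elapsed time, then spend one token per packet.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

def arrivals(offered_pps, duration, seed=1):
    # Constructed traffic: Poisson broadcast-ARP arrivals per port, time-ordered.
    rng = random.Random(seed)
    events = []
    for port, pps in offered_pps.items():
        t = rng.expovariate(pps)
        while t < duration:
            events.append((t, port))
            t += rng.expovariate(pps)
    return sorted(events)

def simulate(offered_pps, copp_pps, per_port_pps=None, duration=5.0):
    """Return {port: fraction of its ARP broadcasts that reach the CPU}."""
    copp = TokenBucket(copp_pps, max(1, copp_pps // 10))
    storm = {}
    if per_port_pps:
        storm = {p: TokenBucket(per_port_pps, max(1, per_port_pps // 10))
                 for p in offered_pps}
    sent = dict.fromkeys(offered_pps, 0)
    passed = dict.fromkeys(offered_pps, 0)
    for now, port in arrivals(offered_pps, duration):
        sent[port] += 1
        if port in storm and not storm[port].allow(now):
            continue  # dropped at the customer port, never reaches CoPP
        if copp.allow(now):
            passed[port] += 1
    return {p: passed[p] / sent[p] for p in offered_pps}

# Hypothetical rates: two normal customers and one looped port.
OFFERED = {"cust1": 20, "cust2": 20, "looped": 20000}

if __name__ == "__main__":
    print("CoPP only:       ", simulate(OFFERED, copp_pps=1000))
    print("per-port + CoPP: ", simulate(OFFERED, copp_pps=1000, per_port_pps=200))
```

With only the shared policer, the looped port consumes nearly every token and the other customers' ARP is mostly dropped; with the per-port limit in front, the shared policer never saturates.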


