[c-nsp] Storm-Control on server switch uplinks.
Jon Lewis
jlewis at lewis.org
Wed Aug 25 10:37:31 EDT 2010

On Wed, 25 Aug 2010, Peter Rathlev wrote:
> On Wed, 2010-08-25 at 08:22 +0200, Jens S Andersen wrote:
>> I just found out I can't set different levels for broadcast and multicast
>> storm control
>
> Cisco hints at this in the documentation, e.g. for the "storm-control
> broadcast level" command:
>
> "Enables broadcast traffic storm control on the interface, configures
> the traffic storm control level, and applies the traffic storm control
> level to all traffic storm control modes enabled on the interface."

Even clearer than that:

"Each port has a single traffic storm control level that is used for all
types of traffic (broadcast, multicast, and unicast).
Traffic storm control monitors the level of each traffic type for which
you enable traffic storm control in 1-second traffic storm control
intervals."

So it seems there's one storm-control threshold per interface, and you
decide which types of traffic (unicast/broadcast/multicast) have that
threshold applied.

It then gets a little murky:

"Traffic storm control on the Catalyst 6500 series switches is implemented
in hardware. The traffic storm control circuitry monitors packets passing
from a LAN interface to the switching bus. Using the Individual/Group bit
in the packet destination address, the traffic storm control circuitry
determines if the packet is unicast or broadcast, keeps track of the
current count of packets within the 1-second interval, and when a
threshold is reached, filters out subsequent packets.

Because hardware traffic storm control uses a bandwidth-based method to
measure traffic, the most significant implementation factor is setting the
percentage of total available bandwidth that can be used by controlled
traffic. Because packets do not arrive at uniform intervals, the 1-second
interval during which controlled traffic activity is measured can affect
the behavior of traffic storm control."

Here, they first say storm control keeps track of the "count of packets"
which implies to me "number of packets" or PPS, but then they say it's
bandwidth based. I think I'd actually prefer if it were simply based on
PPS or if configuring it as PPS was at least an option. We had a recent
event in which a few VMs started sending an excessive rate of both
broadcast and multicast. The traffic was arriving on 1gig interfaces on a
pair of 6509s, and at a traffic rate of about 55mbit/s, we were seeing 78k
PPS, and the 6509s were not amused. This got me looking at storm-control
again. We'd experimented with it years ago, but never fully implemented
it.

One thing I'm curious about...if I have an interface with storm-control
configured, and that interface is the source for a monitor session, during
a traffic storm, will I see the dropped packets on the monitor session
destination?

----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
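
Added example, not part of the original post and not Cisco's implementation: a simplified Python model of a bandwidth-based threshold over one 1-second interval, showing how the packet rate a given level admits depends on frame size. The function names, the byte-counting model and the 88-byte average frame size (derived from the post's 55 Mbit/s at 78k PPS) are assumptions.

```python
"""Simplified model of a bandwidth-based storm-control interval (assumed model)."""

LINK_BPS = 1_000_000_000  # 1 Gbit/s port, as in the post
INTERVAL_S = 1.0          # 1-second measurement interval quoted from the docs

def is_group_address(dst_mac: str) -> bool:
    """Individual/Group bit: least-significant bit of the first MAC octet."""
    return bool(int(dst_mac.split(":")[0], 16) & 0x01)

def byte_budget(level_percent: float) -> int:
    """Bytes of controlled traffic admitted per interval at this level."""
    return int(LINK_BPS * level_percent / 100 * INTERVAL_S / 8)

def max_pps(level_percent: float, frame_bytes: int) -> int:
    """Frames of one size that fit in the budget, i.e. the PPS the level admits."""
    return byte_budget(level_percent) // frame_bytes

def run_interval(frames, level_percent):
    """frames: (dst_mac, size_bytes) pairs arriving within one interval.

    Only group-addressed (broadcast/multicast) frames are counted here.
    Returns (forwarded, dropped) for those controlled frames.
    """
    budget = byte_budget(level_percent)
    used = forwarded = dropped = 0
    for dst, size in frames:
        if not is_group_address(dst):
            continue  # unicast is not controlled in this model
        if used + size > budget:
            dropped += 1  # over threshold: filtered for the rest of the interval
        else:
            used += size
            forwarded += 1
    return forwarded, dropped

if __name__ == "__main__":
    # Constructed input: 78,000 broadcast frames of 88 bytes in one second,
    # approximating the 55 Mbit/s / 78k PPS event described in the post.
    storm = [("ff:ff:ff:ff:ff:ff", 88)] * 78_000
    for level in (5.5, 1.0):
        fwd, drop = run_interval(storm, level)
        print(f"level {level}%: forwarded {fwd}, dropped {drop}")
    # The same 1% level admits very different packet rates by frame size.
    for size in (88, 1500):
        print(f"1% level, {size}-byte frames: up to {max_pps(1.0, size)} pps")
```

In this model a 5.5% level passes the whole constructed storm, while a 1% level still admits about 14k small frames per second against 833 full-size frames, which is the gap between a bandwidth threshold and a PPS threshold that the post raises.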