[c-nsp] Broadcast storm Cisco Solution
Phil Mayers
p.mayers at imperial.ac.uk
Thu Jul 26 12:26:07 EDT 2012
On 26/07/12 17:07, Rich Trinkle wrote:

> Thanks Nick. I did some research on storm control. If I set this up
> for broadcast and this happens again, all broadcast traffic stops on
> this port thus affecting all my subs.

That is common (universal?) behaviour. Storm control is per-port on all
kit I'm aware of.

> The AFC equipment does not have the capability of controlling or
> monitoring for this type of excessive traffic. In the event of a
> storm, or DDoS attack, I'd like to be able to just isolate that MAC
> or IP that's causing it and not affect any of the other subs on that
> DHCP network.

Broadcast storms in LAN networks (and the 3750 is a LAN switch) are
usually caused by loops. In these cases, the source MAC address is every
MAC address on the network emitting broadcast packets, so "per MAC"
limiting doesn't make any sense. Hence, the feature doesn't exist.

As Nick says, this needs to be done at the edge to avoid the problem
you're seeing.
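
Added example, not part of the original post: a small Python triage script that shows why a per-MAC limit picks out one host when a single station floods, but flags every host when a loop re-delivers their frames. The per-MAC threshold, the duplicate-share heuristic, the verdict names and the sample frames are all constructed assumptions, not a switch feature.

```python
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed hosts in the documentation MAC range (RFC 7042).
HOSTS = [f"00:00:5e:00:53:{i:02x}" for i in range(1, 6)]

def analyse_broadcasts(frames, per_mac_limit=50, dup_ratio=0.5):
    """frames: (src_mac, dst_mac, frame_hash) tuples seen on one port in one interval."""
    bcast = [(src, h) for src, dst, h in frames if dst == BROADCAST]
    per_src = Counter(src for src, _ in bcast)
    # MACs that a hypothetical per-MAC limiter would penalise.
    over_limit = {mac for mac, n in per_src.items() if n > per_mac_limit}
    # A loop re-delivers the same frame, so identical (src, hash) pairs repeat.
    repeats = sum(n - 1 for n in Counter(bcast).values())
    dup_share = repeats / len(bcast) if bcast else 0.0
    if not over_limit:
        verdict = "normal"
    elif dup_share >= dup_ratio and len(over_limit) > 1:
        verdict = "loop-like"      # many sources, mostly repeated frames
    else:
        verdict = "host-sourced"   # offenders are sending distinct frames
    return {"verdict": verdict, "over_limit": over_limit,
            "hosts": set(per_src), "dup_share": dup_share}

def loop_sample():
    # Constructed: each host sent 2 broadcasts and the loop delivered each 40 times.
    return [(m, BROADCAST, f"{m}-{k}")
            for m in HOSTS for k in range(2) for _ in range(40)]

def flood_sample():
    # Constructed: one host sends 400 distinct broadcasts, the rest send 2 each.
    noisy = HOSTS[0]
    frames = [(noisy, BROADCAST, f"{noisy}-{k}") for k in range(400)]
    frames += [(m, BROADCAST, f"{m}-{k}") for m in HOSTS[1:] for k in range(2)]
    return frames

if __name__ == "__main__":
    for name, sample in (("loop", loop_sample()), ("flood", flood_sample())):
        r = analyse_broadcasts(sample)
        print(f"{name}: {r['verdict']}, {len(r['over_limit'])} of "
              f"{len(r['hosts'])} MACs over limit, dup_share={r['dup_share']:.2f}")
```

In the loop sample every MAC exceeds the limit, so blocking "the offending MAC" would block all subscribers on the port, which is the same outcome as per-port storm control.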