When the storm control threshold for multicast traffic is reached, all multicast traffic except control traffic, such as bridge protocol data unit (BDPU) and Cisco Discovery Protocol (CDP) frames, are blocked. In general, the higher the level, the less effective the protection against broadcast storms. If the falling suppression level is not specified, the switch blocks all traffic until the traffic rate drops below the rising suppression level. The port remains blocked until the traffic rate drops below the falling threshold (if one is specified) and then resumes normal forwarding. With each method, the port blocks traffic when the rising threshold is reached.
The threshold for small frames is configured for each interface. Traffic rate in packets per second and for small frames. Traffic rate in bits per second at which broadcast, multicast, or unicast packets are received Traffic rate in packets per second at which broadcast, multicast, or unicast packets are received Storm control uses one of these methods to measure traffic activity:īandwidth as a percentage of the total available bandwidth of the port that can be used by the broadcast, multicast, or unicast traffic The switch counts the number of packets of a specified type received within the 1-second time interval and compares the measurement with a predefined suppression-level threshold. Storm control (or traffic suppression) monitors packets passing from an interface to the switching bus and determines if the packet is unicast, multicast, or broadcast. Errors in the protocol-stack implementation, mistakes in network configurations, or users issuing a denial-of-service attack can cause a storm. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Storm control prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast storm on one of the physical interfaces. Information About Storm Control Storm Control
#Port security on cisco 2950 switch software
Navigator to find information about platform support and Cisco software image To find information about the featuresĭocumented in this module, and to see a list of the releases in which eachįeature is supported, see the feature information table at the end of this For the latestĬaveats and feature information, see Bug Search Tool and the release notes for May not support all the features documented in this module.
The Cisco IOS Release for which this guide is written: The following port-based traffic control features are supported in
#Port security on cisco 2950 switch how to
How to Configure Protocol Storm ProtectionĬonfiguring Port-Based Traffic Control Overview ofĬontrol is a set of Layer 2 features on the Cisco Catalyst switches used toįilter or block packets at the port level in response to specific trafficĬonditions.Default Protocol Storm Protection Configuration.Information About Protocol Storm Protection.Configuration Examples for Port Security.Enabling and Configuring Port Security Aging.Blocking Flooded Traffic on an Interface.Configuring Storm Control and Threshold Levels.
0 kommentar(er)
