19-5
Cisco ME 3800X and 3600X Switch Software Configuration Guide
OL-23400-01
Chapter 19 Configuring Traffic Control
Configuring Port Blocking
To disable storm control, use the no storm-control {broadcast | multicast | unicast} level interface
configuration command.
This example shows how to enable unicast storm control on a port with an 87-percent rising suppression
level and a 65-percent falling suppression level:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# storm-control unicast level 87 65
This example shows how to enable broadcast address storm control on a port to a level of 20 percent.
When the broadcast traffic exceeds the configured level of 20 percent of the total available bandwidth of
the port within the traffic-storm-control interval, the switch drops all broadcast traffic until the end of
the traffic-storm-control interval:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# storm-control broadcast level 20
Configuring Port Blocking
By default, the switch floods packets with unknown destination MAC addresses out of all ports. If
unknown unicast and multicast traffic is forwarded to a protected port, there could be security issues. To
prevent unknown unicast or multicast traffic from being forwarded from one port to another, you can
block a port (protected or nonprotected) from flooding unknown unicast or multicast packets to other
ports.
Note With multicast traffic, the port blocking feature blocks only pure Layer 2 packets. Multicast packets that
contain IPv4 or IPv6 information in the header are not blocked.
• Default Port Blocking Configuration, page 19-5
• Blocking Flooded Traffic on an Interface, page 19-5
Default Port Blocking Configuration
The default is to not block flooding of unknown multicast and unicast traffic out of a port, but to flood
these packets to all ports.
Blocking Flooded Traffic on an Interface
The interface can be a physical interface or an EtherChannel group. When you block multicast or unicast
traffic for a port channel, it is blocked on all ports in the port-channel group.
Note You cannon configure port blocking on an interface that has a service instance configured.
To Next Page
Loading...
Need help?
General