Broadcast & Storm Control on Switches

Unanswered Question
Dec 17th, 2007

Hi All, I have an L2 VLAN in my network for internet guest users, which is totally separated from our corporate network by L2 VLANs, but they are sharing our access switches. Now I am concerned about worms and viruses in the guest internet L2 network: if any kind of virus causes a broadcast or storm in the network, that can destroy our switches, as we are sharing switches between guest and corporate users. Is there any way to control broadcast and storm in a VLAN? Port-based I know. I want to do it for a VLAN.

Does anyone have any idea?

Thanks

Edison Ortiz Mon, 12/17/2007 - 12:12

Are you thinking about placing the configuration changes in the SVI?

Well, broadcast does not leave a VLAN, so placing any control at the SVI (Layer 3 interface) brings no benefit.

nordick26 Tue, 12/18/2007 - 02:57

Hi Jain,

You can use a feature called "storm-control broadcast level XY%" and configure it on FastEthernet or GigabitEthernet interfaces. XY is a value in percent, and this will drop all broadcasts that are above this level for a period of time, and so protects your switch.

Refer to:

http://www.cisco.com/en/US/docs/routers/7600/ios/12.1E/configuration/guide/storm.html

Be careful when configuring both broadcast+multicast, unicast or any combination.

Crossing the configured level of any one of them (broadcast, multicast, unicast) will stop all of them.

So if you want only multicast to be limited, do not configure multicast or unicast.

HTH

Regards

Ivan

[pls rate any helpful posts]

Teoh Chee Hin Fri, 10/28/2011 - 01:25

Hi,

To prevent a virus from spreading throughout the network ports or switches, can I use broadcast storm control?

Sometimes the network may encounter a loop, or some virus may spread, so will applying the below help?

interface range gi0/1 - 24
 storm-control broadcast level ?
 storm-control multicast level ?
 storm-control unicast level ?
 storm-control action shutdown

I need some advice on the level. What would be the recommended level, or the threshold / pps?

I read through the Cisco website and understand it; however, I have just never applied it before. What is the recommended level for ?

In my network, we do have network ports connected to a media server, just sharing video, songs, etc. for testing purposes; however, we are not using PIM, but it works.

Is using PIM recommended?
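
An added example, not part of any post in this thread: a per-port storm-control configuration of the kind discussed above, written for a Catalyst access switch whose IOS supports these commands (an assumption). The interface range is taken from the post above; the threshold and timer values are placeholders, not recommended levels, and should be replaced with values derived from each port's measured baseline.

```cisco
! Access ports that carry the guest VLAN (range taken from the post above)
interface range GigabitEthernet0/1 - 24
 ! Only broadcast is limited here, following the caveat earlier in the thread
 ! about combining broadcast, multicast and unicast thresholds.
 ! 20.00 = rising threshold (% of port bandwidth), 10.00 = falling threshold
 ! at which forwarding resumes. Both numbers are placeholders.
 storm-control broadcast level 20.00 10.00
 ! Without an action the port only drops the excess traffic. "trap" adds an
 ! SNMP trap; "shutdown" would err-disable the port instead.
 storm-control action trap
!
! Needed only if "storm-control action shutdown" is used: bring err-disabled
! ports back automatically after 300 seconds (placeholder interval).
errdisable recovery cause storm-control
errdisable recovery interval 300
!
! Verification from privileged EXEC:
!  show storm-control broadcast
!  show interfaces status err-disabled
```

With the shutdown action and no errdisable recovery, a port that trips the threshold stays down until someone re-enables it by hand, so the choice of action matters as much as the level.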

