Alternatives to storm-control on Cat 6509s

Unanswered Question
Aug 21st, 2009

Hello,

I have several Catalyst 6500 (Supervisor 32) aggregation switches with WS-X6148A-GE-TX and WS-X6148-GE-TX line cards.

These line cards do not support storm-control/broadcast suppression. This impacted us badly during a recent spanning tree event.

As it stands, we are at risk of overwhelming control planes with excess broadcast or multicast traffic, and I need to find alternative ways to protect these switches.

I have been researching STP enhancements, and control-plane policing in the folowing documents, and would appreciate advice from engineers who may have had to implement similar workarounds for storm-control in a service provider setting.

* Configuring Denial of Service Protection

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dos.pdf

* Configuring Control Plane Policing

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/cntl_pln.pdf

* Configuring Optional STP Features

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/stp_enha.pdf

So, if we can't mitigate agaisnt STP events using storm-control or broadcast suppression, what might be the best combination of STP enhancements and control plane policing?

For example, it it possible to rate-limit broadcast/mult=icast, STP and ARP on a per VLAN basis? If so, how?

Many thanks,

P

--

Peter George

Lumison

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion