Alternatives to storm-control on Cat 6509s

Unanswered Question
Aug 21st, 2009
User Badges:

Hello,


I have several Catalyst 6500 (Supervisor 32) aggregation switches with WS-X6148A-GE-TX and WS-X6148-GE-TX line cards.


These line cards do not support storm-control/broadcast suppression. This impacted us badly during a recent spanning tree event.


As it stands, we are at risk of overwhelming control planes with excess broadcast or multicast traffic, and I need to find alternative ways to protect these switches.


I have been researching STP enhancements, and control-plane policing in the folowing documents, and would appreciate advice from engineers who may have had to implement similar workarounds for storm-control in a service provider setting.


* Configuring Denial of Service Protection

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dos.pdf


* Configuring Control Plane Policing

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/cntl_pln.pdf


* Configuring Optional STP Features

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/stp_enha.pdf


So, if we can't mitigate agaisnt STP events using storm-control or broadcast suppression, what might be the best combination of STP enhancements and control plane policing?


For example, it it possible to rate-limit broadcast/mult=icast, STP and ARP on a per VLAN basis? If so, how?


Many thanks,


P


--

Peter George

Lumison



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion