04-06-2010 01:34 AM - edited 03-06-2019 10:28 AM
HI,
I am getting some broadcast problems at some sites with L2 and L3 switches.Actually at each site both L2 and L3 switches are connected with non-manageable switches or hubs , so i m getting to much broadcast packets on those interfaces. I have tried to stop this with storm-control feature and then with ACLs. In ACL i have denied 255.255.255.255 and even broadcast IP of those subnets but still the broadcast packets are coming with same pace. I have also tried flow control but no gain in it. Plz help me to sort out this issue.
Thanks
Taran
04-06-2010 02:05 AM
HI,
I am getting some broadcast problems at some sites with L2 and L3 switches.Actually at each site both L2 and L3 switches are connected with non-manageable switches or hubs , so i m getting to much broadcast packets on those interfaces. I have tried to stop this with storm-control feature and then with ACLs. In ACL i have denied 255.255.255.255 and even broadcast IP of those subnets but still the broadcast packets are coming with same pace. I have also tried flow control but no gain in it. Plz help me to sort out this issue.
Thanks
Taran
Hi Taran,
Have you tried configuring storm-control broadcast on switch port, check out the below link for more information about the same :-
Hope to help !!
Ganesh.H
04-06-2010 02:41 AM
HI Ganesh,
I have tried this method but didnt get result. Even I set storm control for broadcast to 0.0.
thanks
Taran
04-06-2010 05:07 PM
Get rid of your un-managed switch and hub. It doesn't matter what commands you've got if these devices are there. In the end, the broadcast can kill your switches.
Disable spanning-tree portfast and enable spanning-tree bpduguard enable.
04-07-2010 01:20 AM
portfast is not enabled on that int and there is hub . I dont think BPDU guard will help in this because hub doesnt send bpdu. plz let me know other solutions.
regards,
Taran
04-07-2010 01:29 AM
Enable port security and set for only 1 MAC address.
04-07-2010 01:36 AM
Thanks for reply. Actually the problem is I cant bind only one MAC because there may be more IP addresses because I have already given a IP pool to that LAN segment.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: