For those of you running storm-control, I'm interested to hear where you set your thresholds. We're experimenting with a 10% gigabit host port and 15% gigabit trunk port threshold for both broadcast and multicast storms on the 3750 platform.
We see the 15% threshold get bumped just for a second perhaps once or twice in a 24-hour period, by either broadcast and multicast traffic. There's no discernible pattern to the events. They seem to be false alarms, probably bursts of legitimate traffic, although a sniffer hasn't given us any clues as to what that might be.
So just by way of comparison, do any of you have thresholds that you're comfortable with in your environments?