Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
360
Views
0
Helpful
1
Replies

Storm Control and why are the process so high with only 2 pc connected to the switch stack.

rojasvictor
Level 1
Level 1

‎01-29-2014 01:16 PM - edited ‎03-07-2019 05:53 PM

Dear Tech Support

I have a cisco catalyhst 3750x.

I liked to implemtnet the storm control mechnism to avoid downtime. but how do it know when i user is copy a large file over the network , or the users is being victim of an atack FROM his computer to the servers or workstations locally.

I have setup a storm control mechanism with the following parameters show below, but the results is:

- The workstation on port 10 copy 1.3gb for testing. Every 10 sec on average, exceed the upper limit to 680pps, then the port goes into blocking stage , then when it drops to 280pps or so, the port goes into forwading again.( becuase it went below 580pps).

Questions:

  1. What do i need to do to only trigger the trap wihout blocking the state on that port ?
  2. And whty does my procesor on the master switch goes to 69% when only 2 pcs are connected.

see the config - thank you,

UHA-AMP-R-SwStack01#show storm-control

Interface Filter State Upper Lower Current

--------- - ------------ ----------- ----------- ----------

Gi1/0/10 Forwarding 600 pps 580 pps 0 pps

UHA-AMP-R-SwStack01#

! stackwise function

switch 1 provision ws-c3750x-48p

switch 2 provision ws-c3750x-48p

switch 3 provision ws-c3750x-24p

!

....
....

.... Truncated restt of the config

....

....

interface GigabitEthernet1/0/10

switchport access vlan 21

switchport mode access

switchport port-security

switchport port-security aging time 2

switchport port-security violation restrict

switchport port-security aging type inactivity

macro description cisco-desktop

storm-control broadcast level pps 600 580

storm-control multicast level pps 600 580

storm-control unicast level pps 600 580

storm-control action trap

spanning-tree portfast

spanning-tree bpduguard enable

end

Labels:
0 Helpful
1 Reply 1

paul driver
VIP
VIP

‎01-29-2014 01:42 PM

Hello

I personally found setting storm control on bps/pps values a bit time consuming - It does give you a more specifc control over the interface traffic but I have found using BW utilization a better option.

What do i need to do to only trigger the trap wihout blocking the state on that port ? - Dont think you can as this is the default feature of storm control

Looking  at your config you have enabled SC for all traffic and the action is to  send a trap message, this will still prohibit whatever traffic rises  above the specifed thresholds but it shouldnt errordisable the port as  like the SC shutdown action would do, then i suppose you could specify  errdisable recovery to attempt auto recover the port at a specific time  interval anyway

And why does my procesor on the master switch goes to 69% when only 2 pcs are connected.

Not sure on this one -How are  they connected?

Does this only occur when SC is enabled on the ports?

Is it specific to these two pcs?

Have you check/changed the cabling?

res

Paul

.

Please don't forget to rate any posts that have been helpful.

Thanks.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card