Cisco Support Community
Community Member

DFM Guide Line for Large Network

Hi Community

I am just wondering whether cisco has standard guidline to follow for large area network with many routers and switches. Lets say total 300 routers and switches?

I am receiving a lot of fault alarms and it is not actually happening for example link up/down, unresponsive. Big headache to go through each and every alarms as thousands of alarm everyday!!

Right now all setting are in factory default.

Please advice how to fine tune and what to fine tune based on your experience.

Thanks in advance.

Best Regards.

Community Member

Re: DFM Guide Line for Large Network

Default setup parameters for DFM are awful. I have slightly more devices than your network and I find polling every two minutes, and setting uplink & trunk utilization thresholds to 85%, broadcast at 45% works well. I'd like to poll the switches more often but when I do I begin to receive a lot of false alerts.

Also be sure to only manage interfaces that you need to be concerned about when they are flagged. If DFM is alerting you to any that aren't needed set the management status to 'false' in device management, device details -> view. By default most interface including logical are enabled. This is overkill IMHO.

Community Member

Re: DFM Guide Line for Large Network


Thanks for your tips. Most of the fault alarms are for operationally down. First I though that OperationallyDown are traps and it is real alarm.

When I go back and check the doc:, it is also polling. So I believe I have to increase the SNMP timeout for all interface+trunk polling.

The way threshold work is really stupid in my opinion. When you poll and found that its over the limit, it alert you. We cannot set how long it should be above the limit and just a spike and give us alert!!

Hope in future version, they put this facility. I am still working out the solution and found something useful, I will post it up as well.

Thanks and Regards


Community Member

Re: DFM Guide Line for Large Network


Following is the setting that reduce my network fault alarms.

I increased the SNMP timeout to 10sec from 700millisec for DFM all interfaces. By doing so, now I hardly see Unresponsive event. Before that I can see thousand of these event coming to email.

Another setting that I changed is utilization setting. Changed from default 40% to 80%. That give me wonder result as well.

This is my scenario and hope helpful and I wish cisco can come out with kinda standard guideline based on number of network devices you are monitoring.


CreatePlease to create content