Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Alternatives to storm-control on Cat 6509s

Hello,

I have several Catalyst 6500 (Supervisor 32) aggregation switches with WS-X6148A-GE-TX and WS-X6148-GE-TX line cards.

These line cards do not support storm-control/broadcast suppression. This impacted us badly during a recent spanning tree event.

As it stands, we are at risk of overwhelming control planes with excess broadcast or multicast traffic, and I need to find alternative ways to protect these switches.

I have been researching STP enhancements, and control-plane policing in the folowing documents, and would appreciate advice from engineers who may have had to implement similar workarounds for storm-control in a service provider setting.

* Configuring Denial of Service Protection

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/dos.pdf

* Configuring Control Plane Policing

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/cntl_pln.pdf

* Configuring Optional STP Features

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/stp_enha.pdf

So, if we can't mitigate agaisnt STP events using storm-control or broadcast suppression, what might be the best combination of STP enhancements and control plane policing?

For example, it it possible to rate-limit broadcast/mult=icast, STP and ARP on a per VLAN basis? If so, how?

Many thanks,

P

--

Peter George

Lumison

453
Views
0
Helpful
0
Replies