Problem:
A broadcast storm occurs when a network is overwhelmed by continuous multicast or broadcast traffic. When different nodes or endpoints send broadcast data over a network link and the other network devices rebroadcast that data back onto the link in response, the whole network eventually melts down and network communication fails.
Broadcast storms degrade the network performance and may even bring networks down.
They need to be prevented or restricted while the root cause is being tracked down.
Diagnostics:
Broadcast storms can be prevented by limiting broadcasts on individual ports when the end devices connected to them are known not to cause broadcasts.
The following methods can be used to limit broadcast traffic:
-Limiting broadcast traffic using fault finder
-Configuring a broadcast limit on a per-port basis
-Configuring a rate limit on a per-port basis
Solution:
Limiting broadcast traffic using fault finder
The fault finder (FF) is a network monitoring mechanism designed to be more user-friendly, less resource intensive, and (at least on the hubs) more proactive. It monitors for a common set of network problems using a subset of port counters and reports the port location, the probable cause, and the action taken to resolve network faults through a Web GUI.
To prevent LAN traffic from being disrupted by a broadcast storm, fault-finder commands can trigger port disablement when a broadcast storm is detected.
These commands apply only to broadcast traffic, not to multicast or unicast traffic.
fault-finder broadcast-storm
Syntax
fault-finder broadcast-storm [ethernet] <PORT-LIST> action [warn|warn-and-disable <SECONDS>] [percent <PERCENT>|pps <RATE>]
-“percent” is the threshold level as a percentage of bandwidth of the port.
-“pps” is the threshold level in number of broadcast packets per second.
-“warn” is the action of logging the event only.
-“warn-and-disable” is the action of logging the event and disabling the port.
-“seconds” is the waiting period before re-enabling the port, ranging from 0 to 604800 seconds. The zero value means the port cannot be re-enabled automatically.
Configuring broadcast limit
In the port context, the command broadcast-limit can be used to limit outbound broadcast traffic to a percentage of the port capacity.
Example: The command broadcast-limit 1 allows outbound broadcast traffic up to 1 percent of the capacity of port 1.
If port 1 is a 1G port then the outbound broadcast traffic is limited to 10 Mbps.
interface 1 broadcast-limit 1
The range for the command “broadcast-limit” is from 0 to 99. A value of 0 disables broadcast limiting on the specified port.
To verify this configuration, use the command show interfaces brief a1 and refer to the last column:
Switch(config)# sh interfaces
 Status and Counters - Port Counters
                                                               Flow Bcast
Port         Total Bytes    Total Frames   Errors Rx Drops Tx  Ctrl Limit
------------ -------------- -------------- --------- --------- ---- -----
1            3,054,787      16,532         912       0         off  1
2            3,444,651      24,175         0         0         off  0
3            8,560,727      67,508         0         0         off  0
4            0              0              0         0         off  0
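An audit helper for the verification step above, as an added example that is not part of the original article or any vendor tooling: it parses the port counters table, lists the ports whose Bcast Limit is 0, and converts a broadcast-limit percentage into Mbps. The function names and the sample text are constructed, and the row layout is assumed to match the output shown above.

```python
import re

# Constructed sample in the layout of the "Status and Counters" output above.
SAMPLE_OUTPUT = """\
 Status and Counters - Port Counters
                                                               Flow Bcast
Port         Total Bytes    Total Frames   Errors Rx Drops Tx  Ctrl Limit
------------ -------------- -------------- --------- --------- ---- -----
1            3,054,787      16,532         912       0         off  1
2            3,444,651      24,175         0         0         off  0
3            8,560,727      67,508         0         0         off  0
4            0              0              0         0         off  0
"""

# Assumed row shape: port, four comma-grouped counters, flow control, limit.
ROW = re.compile(
    r"^\s*(?P<port>[A-Za-z]?\d+)\s+[\d,]+\s+[\d,]+\s+"
    r"(?P<errors>[\d,]+)\s+[\d,]+\s+\S+\s+(?P<limit>\d+)\s*$"
)

def parse_port_counters(text):
    """Return one dict per port row; title, header and rule lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({
                "port": m["port"],
                "errors_rx": int(m["errors"].replace(",", "")),
                "bcast_limit": int(m["limit"]),
            })
    return rows

def unlimited_ports(rows):
    """Ports with Bcast Limit 0, meaning broadcast limiting is disabled."""
    return [r["port"] for r in rows if r["bcast_limit"] == 0]

def limit_mbps(percent, link_mbps):
    """Outbound broadcast ceiling in Mbps for a broadcast-limit percentage."""
    if not 0 <= percent <= 99:
        raise ValueError("broadcast-limit accepts 0 to 99")
    return link_mbps * percent / 100

if __name__ == "__main__":
    rows = parse_port_counters(SAMPLE_OUTPUT)
    print("no broadcast limit:", unlimited_ports(rows))
    for r in (r for r in rows if r["bcast_limit"]):
        print("port", r["port"], limit_mbps(r["bcast_limit"], 1000), "Mbps on 1G")
```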
Configuring rate limit
To limit inbound broadcast traffic on specified ports, use the command rate-limit in the port context.
For example, the command below limits inbound broadcast traffic to 10% of the port capacity:
interface 1 rate-limit bcast in percent 10
To verify this configuration, use the command show rate-limit bcast 1:
Switch(eth-1)# show rate-limit bcast 1
 Broadcast-Traffic Rate Limit Maximum %
 Port   | Inbound Limit Mode
 ------ + ------------- ---------
 10     | 10            %