Wired Networks

What is storm control in Mobility Access switch and the recommended best practice config

Aruba Employee

Question: What is storm control in Mobility Access switch and the recommended best practice config?

 

Storm control prevents interfaces from disruptions by providing protection against excessive ingress rates of unknown-unicast, multicast, and broadcast traffic.
The function can be set under switch-profile. See an example below .. The settings are to allow only 50% of interface speed to be used for unknown unicast, broadcast and multicast traffic.
 
Storm control prevents LAN interfaces from being disrupted by a broadcast storm. A broadcast storm occurs when broadcast packets flood the subnet, creating excessive traffic and degrading network performance. Despite the fact that most protocols generally take care of loop prevention (eg. stp, rstp), a rogue switch can easily generate traffic storms and bring down a network. There is therefore a need to prevent these broadcast storms
 
(host) (config) #interface-profile switching-profile STORM_CONTROL
 
(host) (switching profile "STORM_CONTROL") #storm-control-bandwidth 50
 
(host) (switching profile "STORM_CONTROL") #storm-control-unknown-unicast
 
(host) (switching profile "STORM_CONTROL") #storm-control-multicast
 
(host) (switching profile "STORM_CONTROL") #storm-control-broadcast
 
(host) (config) #interface gigabitethernet 0/0/20
 
(host) (gigabitethernet "0/0/20") #switching-profile STORM_CONTROL
 
1. If the rate is set at 50% with unknown-unicast and broadcast enabled, what is the actual rate when storm control starts to drop the packets?
For example, if we have 40% of unknown-unicast and 20% of broadcast traffic incoming, will the storm control get activated (since combine total = 60%)? Smiley Surprisedr is it EACH type of traffic being storm-controlled individually (so storm control will not activate until either traffic exceeds 50% individually)? :Each type of traffic is being controlled individually. So storm control will not activate until either traffic exceeds 50% individually.

2. Per default interface-profile, storm control is already enabled at 50% for both unknown unicast and broadcast - just wanted to confirm.
Yes storm control is enabled by default for unknown unicast and broadcast with 50%.

3. As storm control is hardware based, does this mean CLI configuration will match exactly to the bandwidth or is there any +/- 1 - 2% error due to configuration-to-hardware mapping?
We saw +-/3% deviation from expected rate.

4. The bandwidth percent is based on "negotiated speed" of the interface (for example, gigabitethernet 0/0/0 connected to fastethernet device to be running at 100Mbps. So if the percentage is set to 50%, this should be 50Mbps and not 500Mbps).
Yes, . The bandwidth percent is based on "negotiated speed" of the interface.
[edit] Default configuration on box
 
(10.16.56.71) #show interface-profile switching-profile default
switching profile "default"
---------------------------
Parameter                                             Value
---------                                             -----
max-macs                                              10000
Switchport mode                                       access
Access mode VLAN                                      1
Trunk mode native VLAN                                1
Enable broadcast traffic rate limiting                Enabled
Enable multicast traffic rate limiting                Disabled
Enable unknown unicast traffic rate limiting          Enabled
Max allowed rate limit traffic on port in percentage  50
Trunk mode allowed VLANs                              1-4094

Version history
Revision #:
1 of 1
Last update:
‎07-02-2014 03:21 PM
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.