Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
154
Views
2
Helpful
2
Replies

Apply Storm Control Core Switch to ASA Firewall

johnlloyd_13
Level 9
Level 9

‎09-30-2024 08:07 PM

hi,

i'll be applying storm control in one of our facility switch fabric.

is it a good idea or "best practice" to apply storm control in the core switch port-channel (po101) interface facing the ASA FW which is also using port-channel interface (po1)? refer sample drawing below.

or do i just apply storm control only in the core switch trunk/port-channel facing the access/downstream switch?

johnlloyd_13_0-1727751929580.png

Labels:
0 Helpful
2 Replies 2

M02@rt37
VIP
VIP

‎09-30-2024 11:33 PM

Hello @johnlloyd_13 

Applying storm control on the core switch port-channel interface (Po101 in you case) facing the ASA firewall (Po1) may not be ideal, as firewalls typically handle traffic differently from downstream switches, and overly aggressive storm control could inadvertently block legitimate traffic during bursts.

It's a better practice to apply storm control on trunk port-channels facing downstream access switches, where broadcast, multicast, or unicast storms are more likely to originate. This ensures that you protect the core network from potential issues while allowing critical inter-device communication, like between the firewall and the core, to flow uninterrupted.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

johnlloyd_13
Level 9
Level 9

‎09-30-2024 11:49 PM

hi,

thanks for validating my concern!

is there a doc or link that would support this?

it's hard to find docs and best practice related to storm control.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card