Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
619
Views
0
Helpful
0
Replies

configure broadcast storm control on Cisco 2960 switch

BorislavPenchev0962
Level 3
Level 3

‎12-20-2022 10:40 PM - edited ‎12-20-2022 10:47 PM

Hi,

during testing of broadcast storm control on Cisco 2960 Switch our SSH access gets blocked, console access is working;

We use Packet Flooder with 7 % bandwidth config and target the IP of the switch we testing;
> > both switches are connected over uplink and on each switch has a connected PC on Port 3 / vlan 33;
ping from the PCs is working during the test, but why we are loosing any access to the switch?
CPU levels are in order;
when we stop the test, access is working fine; we are wondering if this is blocked by the switch as part of denial of service protection?

here the port config:

interface GigabitEthernet1/0/3
description
network-policy 1
switchport access vlan 33
switchport mode access
srr-queue bandwidth share 1 40 45 15
priority-queue out
mls qos trust dscp
storm-control broadcast level bps 10m
storm-control multicast level bps 10m
storm-control action trap
spanning-tree portfast edge
spanning-tree bpduguard enable
ip dhcp snooping limit rate 25

GigabitEthernet1/0/3 is up, line protocol is up (connected) 
  Hardware is Gigabit Ethernet, address is  
  Description:  
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported 
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:02:40, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 2000 bits/sec, 3 packets/sec
  5 minute output rate 3000 bits/sec, 3 packets/sec
     12421 packets input, 958632 bytes, 0 no buffer
     Received 2204 broadcasts (111 multicasts)
     0 runts, 0 giants, 0 throttles 
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 111 multicast, 0 pause input
     0 input packets with dribble condition detected
     11977 packets output, 1124171 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

Gi1/0/3 connected 33 a-full a-100 10/100/1000BaseTX

 

Name: Gi1/0/3
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 33 
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: disabled
Voice VLAN: 10 
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

thanks for your advise

Best Regards

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents