Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1668
Views
0
Helpful
5
Replies

how to limit broadcast on a access port from specific vlan on Cisco 3560 L3 switch?

Go to solution
m-abooali
Level 4
Level 4

‎03-05-2017 10:34 AM - edited ‎03-08-2019 09:37 AM

Hi,

I have been reading about port security and ways to limit broadcast from specific vlan, using limits PPS or percentage of total throughput of an access port but I am not sure if that is all I need to do in order to block and/or limit broadcast coming from certain vlan?

if no broadcast from a certain vlan is needed and we black that vlan then the whole access port will be shut!?

any input on this will be greatly appreciated.

Regards,

Masood

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni
In response to m-abooali

‎03-05-2017 02:01 PM

VTP pruning will prevent any kind of packets going to other switches that have no ports in that VLAN.

Are you actually experiencing an issue with broadcasts?

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎03-05-2017 11:38 AM

If you completely block broadcasts your network will probably break.  Things like ARP and DHCP are very dependent on it.

Yes you can limit the number of broadcasts.  I tend to make the number a good 5% as incorrectly blocking broadcasts can be damaging.

0 Helpful

Go to solution
m-abooali
Level 4
Level 4
In response to Philip D'Ath

‎03-05-2017 12:41 PM

thanks Phlip for taking the time to respond. breaking the network is what i am trying to prevent but how?

should acl be a better approach? than port security?

or, i am missing something?

Regards,

Masood

0 Helpful

Go to solution
m-abooali
Level 4
Level 4
In response to Philip D'Ath

‎03-05-2017 01:13 PM

hello again, given that broadcast stays within the VLAN they are initiated from, then, if VTP pruning is enable on trunk then the switch will be aware of broadcast storm!? correct?

router will not pass or transfer broadcast.

i think I will first enable VTP pruning on trunk link for VLAN n question and see how things improves and if I need port security on top of VLAN pruning too.

your thoughts?

best regards,

Masood

0 Helpful

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni
In response to m-abooali

‎03-05-2017 02:01 PM

VTP pruning will prevent any kind of packets going to other switches that have no ports in that VLAN.

Are you actually experiencing an issue with broadcasts?

0 Helpful

Go to solution
m-abooali
Level 4
Level 4
In response to Philip D'Ath

‎03-05-2017 02:32 PM

no, not facing but configuring a new switch for someone who doesn't have the capabilities. i just wanted to make sure I have done what is needed.

I turned on VTP pruning on trunk and that should be good for now.

thank you so much.

masood

0 Helpful
Customers Also Viewed These Support Documents