Storm-Control takes a sample of the traffic on a scheduled interval and references your configured limitations. If the related storm-control traffic goes beyond the limitations set, I believe it will drop ALL of that sort of traffic for a brief period of time.
Now, I'd think that unicast flows would be a little harder to figure out the correct percentages to police. But broadcasts could be a little more malevolent. Especially when taking up a large percentage of the port bandwidth.
This also makes me think that it might be worth base-lining broadcasts, multicasts and unicasts on other switchports to see what might constitute normal flows vs. problematic flows, and create limitations based on that.
Regards,
Rick
See below:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli_rel_4_0_1a/CLIConfigurationGuide/traffstorm.html
"Information About Traffic Storm Control
A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on Layer 2 ports by a broadcast, multicast, or unknown unicast traffic storm on physical interfaces.
Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast, multicast, and unicast traffic over a 10-microsecond interval. During this interval, the traffic level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends.
Figure 15-1 shows the broadcast traffic patterns on a Layer 2 interface during a specified time interval. In this example, traffic storm control occurs between times T1 and T2 and between T4 and T5. During those intervals, the amount of broadcast traffic exceeded the configured threshold."
