cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
590
Views
0
Helpful
3
Replies

Storm Control

Senbonzakura
Level 1
Level 1

I have a quick question and looking for guidance.

I'm currently working on hardening a switch and I'm checking out storm control.

What is usually the best default to keep storm control at? Also, is it something that should always be added no matter what environment it's thrown into?

Another thing is with STP, is it good practice to configure BPDUGuard and Portfast?

3 Replies 3

Mark Elsen
Hall of Fame
Hall of Fame

 

  For storm control check this thread as an example : https://community.cisco.com/t5/switching/recommended-levels-for-storm-control/td-p/4186816 , for STP use BPDUguard on ports configured in access mode or globaly

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

What is usually the best default to keep storm control at? Also, is it something that should always be added no matter what environment it's thrown into?

the limit is depend on your network, but check when CPU is low the interface multicast and broadcast count and use it as ref. for your config

Another thing is with STP, is it good practice to configure BPDUGuard and Portfast?

Sure portfast will reduce the time before the port is UP if the port connect to PC and Server 
NOTE:- portfast never config in port connect to other SW 
BPDUguard, if by mistake somebody connect portfast port to SW the BPDUgurad will protect SW from short time Loop. 
NOTE:- since the BPDUguard is config with portfast so it always connect to port connect to  PC or server not to other SW

Hello
One way woull to enable storm control over a certain time period with a high rate to capturea baseline for current BC/MC traffic levels then based on that discovery you can then set definitive levels for your network.thereafter.

Int x/x
load-interval 30
storm-control broadcast level 99.00
storm-control multicast level 99.00

sh storm-control broadcast
sh storm-control multicast


Note:
If you enable both SC for both BC/MC traffic and either traffic exceeds that certain defined level within its default 1 second interval then SC will drop all BC/MC traffic until the end of the traffic storm interval isn’t exceeded.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul