Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2562
Views
5
Helpful
6
Replies

switch port block unicast impact on voice traffic

Go to solution
vishal77
Level 1
Level 1

‎01-13-2020 10:55 PM

Hi All,

 

Is it entering command "switchport block unicast" on interface level/basis would impact (VOIP traffic) phones connected to that interface.

As im getting an few complaint that users are unable to hear voice while calling to other users.  

 

Any help will be appreciated.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
lucasfreitas83
Level 1
Level 1
In response to vishal77

‎01-14-2020 10:32 AM

Hello VishalShah7719,

 

How Marce mentioned you can put storm control in switch ports.

 

This example shows how to enable unicast storm control on a port with an 87-percent rising suppression level and a 65-percent falling suppression level:

Switch# configure terminal

Switch(config)# interface gigabitethernet1/0/1

Switch(config-if)# storm-control unicast level 87 65

 

Other examples in link bellow:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_53_se/configuration/guide/3750xscg/swtrafc.html#71262

 

Also, you can increase mac-aging time, if necessary and use port security mac sticky to fix two or more MAC in the port. Careful the last command, this needs attention when you change/move host or phone another port.

 

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future.

Best regards,
Lucas Freitas

View solution in original post

0 Helpful
6 Replies 6

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎01-13-2020 11:06 PM

 

 - Why do you want to use that particular command and or what are the needs for that command ?

    M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
vishal77
Level 1
Level 1
In response to marce1000

‎01-14-2020 12:48 AM

Hi Marce,

 

Thanks for your reply.

 

 Basically  my aim is to enable  flood blocking on the switch of unknown unicast or multicast traffic is flooded to a switch port because a MAC address has timed out or has not been learned by the switch.

 

 

0 Helpful

Go to solution
marce1000
Hall of Fame
Hall of Fame
In response to vishal77

‎01-14-2020 06:23 AM

 

 - Simply blocking unicast traffic will be too heavy a measure because VoIP is unicast-traffic too. You may want to look into storm-control settings to protect against flooding. Google for instance on cisco ios storm control configuration examples , which will return a multitude of informational links concerning the subject.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Go to solution
lucasfreitas83
Level 1
Level 1
In response to vishal77

‎01-14-2020 10:32 AM

Hello VishalShah7719,

 

How Marce mentioned you can put storm control in switch ports.

 

This example shows how to enable unicast storm control on a port with an 87-percent rising suppression level and a 65-percent falling suppression level:

Switch# configure terminal

Switch(config)# interface gigabitethernet1/0/1

Switch(config-if)# storm-control unicast level 87 65

 

Other examples in link bellow:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_53_se/configuration/guide/3750xscg/swtrafc.html#71262

 

Also, you can increase mac-aging time, if necessary and use port security mac sticky to fix two or more MAC in the port. Careful the last command, this needs attention when you change/move host or phone another port.

 

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future.

Best regards,
Lucas Freitas

0 Helpful

Go to solution
vishal77
Level 1
Level 1
In response to lucasfreitas83

‎01-15-2020 07:17 PM - edited ‎01-15-2020 07:50 PM

thanks buddy for your suggestion.

Also would it (switch port block unicast) impact data ports means laptop or computer connected ?

 

Reason I'm asking cause there's an audit happened at my company and they have suggested to enable such command on access ports.

0 Helpful

Go to solution
lucasfreitas83
Level 1
Level 1
In response to vishal77

‎01-16-2020 02:55 AM

Hello VishalShah7719,

 

When you use switchport block, you need MAC static or leaning by port security sticky, because if you don't have MAC in table, switch block traffic all unknown mac address.

 

switch# configure terminal
switch(config)# interface gi0/0/1
switch(config-if)# switchport block unicast

 

https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/l2/switchport-block.html

 

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future.

Best regards,
Lucas Freitas

 

0 Helpful
Customers Also Viewed These Support Documents