To enable traffic storm control on an access circuit (AC) or access pseudowire (PW)
under a VPLS bridge, use the storm-control command in l2vpn
bridge group bridge-domain access circuit configuration mode or l2vpn bridge group
bridge-domain pseudowire configuration mode. To disable traffic storm control, use the
no form of this command.
l2vpn bridge group bridge-domain access circuit configuration
l2vpn bridge group bridge-domain pseudowire configuration
To use this command, you must be in a user group associated with a task group that
includes the proper task IDs. If you suspect user group assignment is preventing you
from using a command, contact your AAA administrator for assistance.
Traffic storm control provides Layer 2 port security under a VPLS bridge by preventing
excess traffic from disrupting the bridge. Traffic storm control can be enabled on ACs
and PWs under a VPLS bridge. Traffic storm control monitors incoming traffic levels on a
port and drops traffic when the number of packets reaches the configured threshold level
during any 1-second interval.
For each AC and PW port, you can enable traffic storm control for three types of
traffic: broadcast, multicast, and unknown unicast.
The thresholds are configured at a packet-per-second (pps) rate. When the number of packets of
the specified traffic type reaches the configured threshold level, the port drops
additional packets of that traffic type arriving at that port for the remainder of the
1-second interval. At the beginning of a new 1-second interval, traffic of the specified
type is allowed to pass on the port.
The 1-second interval is set in the hardware and is not configurable. Use the
pps keyword to configure the maximum number of packets
allowed during each 1-second interval.
Drop counters maintain a cumulative count of the number of packets dropped because the
threshold was reached.
Use the show l2vpn bridge-domain command to view all
configured traffic storm control thresholds under a bridge and to view the current value
of the storm control drop counters.
The following example enables two traffic storm control thresholds on a pseudowire:
RP/0/RSP0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/RSP0/CPU0:router(config-l2vpn-bg)# bridge-domain abc
RP/0/RSP0/CPU0:router(config-l2vpn-bg-bd)# neighbor 188.8.131.52 pw-id 100
RP/0/RSP0/CPU0:router(config-l2vpn-bg-bd-pw)# storm-control broadcast pps 4500
RP/0/RSP0/CPU0:router(config-l2vpn-bg-bd-pw)# storm-control multicast pps 500