-
Catalyst 6500 Series Software Configuration Guide, 7.6
-
Preface
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch IP Address and Default Gateway
-
Configuring Ethernet, Fast Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet Switching
-
Configuring Ethernet VLAN Trunks
-
Configuring EtherChannel
-
Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
-
Configuring Spanning Tree
-
Configuring Spanning Tree PortFast, UplinkFast, BackboneFast, and Loop Guard
-
Configuring VTP
-
Configuring VLANs
-
Configuring InterVLAN Routing
-
Configuring CEF for PFC2
-
Configuring MLS
-
Configuring NDE
-
Configuring Access Control
-
Configuring GVRP
-
Configuring Dynamic Port VLAN Membership with VMPS
-
Checking Status and Connectivity
-
Administering the Switch
-
Configuring Switch Access Using AAA
-
Configuring Redundancy
-
Modifying the Switch Boot Configuration
-
Working with the Flash File System
-
Working with System Software Images
-
Working with Configuration Files
-
Configuring System Message Logging
-
Configuring DNS
-
Configuring CDP
-
Configuring UDLD
-
Configuring NTP
-
Configuring Broadcast Suppression
-
Configuring Layer 3 Protocol Filtering
-
Configuring the IP Permit List
-
Configuring Port Security
-
Configuring 802.1x Authentication
-
Configuring Unicast Flood Blocking
-
Configuring SNMP
-
Configuring RMON
-
Configuring SPAN and RSPAN
-
Using Switch TopN Reports
-
Configuring Multicast Services
-
Configuring QoS
-
Configuring Automatic QoS
-
Configuring ASLB
-
Configuring the Switch Fabric Module
-
Configuring a VoIP Network
-
Acronyms
-
Table Of Contents
Configuring Broadcast Suppression
Understanding How Broadcast Suppression Works
Configuring Broadcast Suppression on the Switch
Enabling Broadcast Suppression
Disabling Broadcast Suppression
Configuring Broadcast Suppression
This chapter describes how to configure broadcast suppression on the Catalyst 6500 series switches.
Note
For complete syntax and usage information for the commands used in this chapter, refer to the Catalyst 6500 Series Switch Command Reference publication.
This chapter consists of these sections:
•
•
Understanding How Broadcast Suppression Works
Broadcast suppression prevents switched ports on a LAN from being disrupted by a broadcast storm on one of the ports. A LAN broadcast storm occurs when broadcast or multicast packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation or in the network configuration can cause a broadcast storm.
Broadcast suppression uses filtering that measures broadcast activity on a LAN over a 1-second time period and compares the measurement with a predefined threshold. If the threshold is reached, further broadcast activity is suppressed for the duration of a specified time period. Broadcast suppression is disabled by default.
Figure 32-1 shows the broadcast traffic patterns on a port over a given period of time. In this example, broadcast suppression occurs between time intervals T1 and T2 and between T4 and T5. During those time periods, the amount of broadcast traffic exceeded the configured threshold.
Figure 32-1 Broadcast Suppression
The broadcast suppression threshold numbers and the time interval make the broadcast suppression algorithm work with different levels of granularity. A higher threshold allows more broadcast packets to pass through.
Broadcast suppression on the Catalyst 6500 series switches is implemented in hardware. The suppression circuitry monitors packets passing from a port to the switching bus. Using the Individual/Group bit in the packet destination address, the broadcast suppression circuitry determines if the packet is unicast or broadcast. It keeps track of the current count of broadcasts within the 1-second time interval, and when a threshold is reached, filters out subsequent broadcast packets.
Because hardware broadcast suppression uses a bandwidth-based method to measure broadcast activity, the most significant implementation factor is setting the percentage of total available bandwidth that can be used by broadcast traffic. A threshold value of 100 percent means that no limit is placed on broadcast traffic. Using the set port broadcast command, you can set up the broadcast suppression threshold value.
Because packets do not arrive at uniform intervals, the 1-second time interval during which broadcast activity is measured can affect the behavior of broadcast suppression.
On Gigabit Ethernet ports, you can use the broadcast suppression to filter multicast and unicast traffic. You can suppress multicast or unicast traffic separately on a port; both require that you configure broadcast suppression. When you specify a percentage of the total bandwidth to be used for multicast or unicast traffic, the same limit applies to the broadcast traffic.
Note
Note
Configuring Broadcast Suppression on the Switch
These sections describe how to configure broadcast suppression on the Catalyst 6500 series switches:
•
•
•
Enabling Broadcast Suppression
To enable broadcast suppression for one or more ports, perform this task in privileged mode:
Note
This example shows how to enable bandwidth-based broadcast suppression and verify the configuration:
Console> (enable) set port broadcast 3/1-6 75.25%Ports 3/1-6 broadcast traffic limited to 75.25%.On broadcast suppression ports 3/1-6 are configured to drop-packets. Console> (enable) show port broadcast 3Port Broadcast-Limit Multicast Unicast Total-Drop Action-------- --------------- --------- ------- -------------------- ------------3/1 75.25 % - - 0 drop-packets3/2 75.25 % - - 0 drop-packets3/3 75.25 % - - 2 drop-packets3/4 75.25 % - - 0 drop-packets3/5 75.25 % - - 0 drop-packets3/6 75.25 % - - 0 drop-packets3/7 - - - 0 drop-packets3/8 - - - 0 drop-packets..<snip>.Console> (enable)This example shows how to limit the multicast and broadcast traffic to 80 percent for port 1 on
module 2 and verify the configuration:Console> (enable) set port broadcast 2/1 80% multicast enablePort 2/1 broadcast and multicast traffic limited to 80.00%.On broadcast suppression port 2/1 is configured to drop-packets.Console> (enable) show port broadcast 2/1Port Broadcast-Limit Multicast Unicast Total-Drop Action-------- --------------- --------- ------- -------------------- ------------2/1 80.00 % 80.00 % - 0 drop-packetsConsole> (enable)Disabling Broadcast Suppression
To disable broadcast suppression on one or more ports, perform this task in privileged mode:
This example shows how to disable broadcast suppression on one or more ports:
Console> (enable) clear port broadcast 2/1Port 2/1 traffic unlimited.Console> (enable)Enabling the errdisable State
Note
When broadcast, multicast, or unicast suppression occurs, you can configure ports to either drop packets or go into the errdisable state. The errdisable state feature can be enabled or disabled on a per-port basis and is disabled by default (the drop-packets option is enabled by default).
Note
To enable the errdisable state on a port, perform this task in privileged mode:
This example shows how to limit broadcast traffic to 90 percent and to errdisable the port when broadcast suppression occurs:
Console> (enable) set port broadcast 4/6 90% violation errdisablePort 4/6 broadcast traffic limited to 90.00%.On broadcast suppression port 4/6 is configured to move to errdisabled state.Console> (enable)
Note
Once a port is put into errdisable state, it can be reenabled after a specific timeout interval has expired. Use the set errdisable-timeout interval command to specify the timeout interval.
Use the set port errdisable-timeout command to control on a per-port basis whether a port should be enabled after a certain time or continue to be in the errdisabled state once it has been errdisabled.
For more information, see the "Configuring a Timeout Period for Ports in errdisable State" section.
