Catalyst 6500 Series Software Configuration Guide, 7.6 - Configuring Unicast Flood Blocking [Cisco Catalyst 6500 Series Switches]

Table Of Contents

Configuring Unicast Flood Blocking

Understanding How Unicast Flood Blocking Works

Unicast Flood Blocking Configuration Guidelines

Configuring Unicast Flood Blocking on the Switch

Enabling Unicast Flood Blocking

Disabling Unicast Flood Blocking

Displaying Unicast Flood Blocking

Configuring Unicast Flood Blocking

This chapter describes how to configure unicast flood blocking on the Catalyst 6500 series switches.

Note For complete syntax and usage information for the commands used in this chapter, refer to the Catalyst 6500 Series Command Reference publication.

This chapter consists of these sections:

•Understanding How Unicast Flood Blocking Works

•Unicast Flood Blocking Configuration Guidelines

•Configuring Unicast Flood Blocking on the Switch

Understanding How Unicast Flood Blocking Works

You can enable unicast flood blocking on any Ethernet port on a per-port basis. Unicast flood blocking provides you the option to drop unicast flood packets on an Ethernet port that has only one host that is connected to the port. All Ethernet ports on a switch are configured to allow unicast flooding; unicast flood blocking allows you to drop the unicast flood packets before they reach the port.

Caution You must have a static CAM entry that is associated with the Ethernet port before you enable unicast flood blocking. If you do not have a static CAM entry that is associated with the port, you will lose network connectivity if you enable unicast flood blocking. You can verify that a static CAM entry exists by entering the show cam static command.

Note If you are configuring unicast flood blocking on a secure port, see "Configuring Port Security."

Unicast Flood Blocking Configuration Guidelines

This section describes the guidelines for configuring unicast flood blocking:

•Only Ethernet ports can block unicast flood traffic.

•If the Ethernet port is part of an IPX network, you must manually enter a static CAM entry in the CAM table before you disable unicast flood blocking on the port.

•You cannot configure unicast flood blocking on SPAN destination ports.

•You cannot configure a SPAN destination on a unicast flood blocking port.

•You cannot configure unicast flood blocking on a trunk port. If you attempt to configure unicast flood blocking on a trunk port, you will see an error message.

•You cannot configure unicast flood blocking on a port channel.

•You cannot configure a port channel on a unicast flood blocking port.

•Unicast flood blocking and GARP VLAN Registration Protocol (GVRP) are mutually exclusive. You cannot configure the port to block unicast flood packets and exchange VLAN configuration information with GVRP switches at the same time.

Configuring Unicast Flood Blocking on the Switch

These sections describe how to configure unicast flood blocking:

•Enabling Unicast Flood Blocking

•Disabling Unicast Flood Blocking

•Displaying Unicast Flood Blocking

Note When you are configuring unicast flood blocking, it is important to note that unicast flood blocking is given priority over other features (such as protocol filtering).

Enabling Unicast Flood Blocking

To configure the switch to drop unicast flood packets on a port, you must disable unicast flood blocking.

Note The port disables unicast flooding once the MAC address limit is reached.

To enable unicast flood blocking, perform this task in privileged mode:

Task

Command

Enable unicast flood blocking on the desired Ethernet ports to disable unicast flooding.

set port unicast-flood mod/port disable

This example shows how to disable unicast flood blocking on a port:
Console> (enable) set port unicast-flood 4/1 disable
WARNING: Trunking & Channelling will be disabled on the port. 
Unicast Flooding is successfully disabled on the port 4/1. 
Console> (enable) 
Disabling Unicast Flood Blocking

To configure the switch to receive unicast flood packets on a port, you must enable unicast flood blocking.

To disable unicast flood blocking, perform this task in privileged mode:

Task

Command

Disable unicast flood blocking on the desired Ethernet ports to enable unicast flooding.

set port unicast-flood mod/port enable

This example shows how to disable unicast flood blocking on a port:
Console> (enable) set port unicast-flood 4/1 enable
Unicast Flooding is successfully enabled on the port 4/1. 
Console> (enable) 
Displaying Unicast Flood Blocking

To display unicast flood blocking information, perform this task in privileged mode:

Task

Command

Display unicast flood blocking information per port.

show port unicast-flood mod/port

This example shows how to display unicast flood blocking information for port 1 on module 4:
Console> (enable) show port unicast-flood 4/1 
Port      Unicast Flooding 
----      ---------------- 
4/1       Disabled 
Console> (enable) 