Configuring Traffic Storm Control

This chapter contains the following sections:

Information About Traffic Storm Control

A traffic storm occurs when multicast, broadcast, or unknown-unicast packets flood a port, creating excessive traffic and degrading network performance. Even if the packet rate is not high, the number of clones could be large enough to impact the CPU performance or the switches, servers, and other VEMs on the network. Due to this high CPU usage, the VEM is unable to process the control traffic and traffic disconnects from the VSM. You can use the traffic storm control feature to prevent disruptions from a broadcast, multicast, or unknown-unicast traffic storm on these ports.

Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast, multicast, and unicast traffic over a configurable polling interval (the default is 1 second). During this interval, the traffic level is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic in the next polling interval until the traffic decreases below the allowed rate. Storm control works on each traffic type separately, as you can see in these examples of traffic storm control behavior:

  • If you enable broadcast traffic storm control, and broadcast traffic exceeds the level within the 1-second interval, traffic storm control drops all broadcast traffic in the next interval. If the broadcast rate is still above the threshold at the start of the next time interval, traffic storm control continues to drop the broadcast traffic.

  • If you enable broadcast and multicast traffic storm control, and broadcast traffic exceeds the level within the 1-second interval, traffic storm control drops all broadcast in the next interval. If the broadcast and multicast rate are still above the threshold at the start of the next time interval, traffic storm control continues to drop the broadcast and multicast traffic.

  • If you enable broadcast and multicast traffic storm control, and multicast traffic exceeds the level within the 1-second interval, traffic storm control drops all multicast traffic in the next interval. If the multicast rate is still above the threshold at the start of the next time interval, traffic storm control continues to drop multicast traffic.

Traffic storm control is configurable on every port, either through a port profile or directly on the interface (interface override). On physical interfaces and port channels, you can set the threshold as a percentage of the total available bandwidth, the number of bits per second, or the number of packets per second that the controlled traffic can use. On virtual interfaces, you can set the threshold as the number of bits per second or the number of packets per second that the controlled traffic can use. Because packets do not arrive at uniform intervals, the 1-second interval can affect the behavior of traffic storm control.

Guidelines and Limitations for Traffic Storm Control

When configuring the traffic storm control level, note the following guidelines and limitations:

  • You can configure traffic storm control on a port profile or on an interface (interface override).

  • Storm control cannot be configured on member ports of a port channel.

  • On physical interfaces, you can set the level as a percentage of the total available bandwidth, number of bits per second, or number of packets per second that the controlled traffic can use.

  • On virtual interfaces, you can set the level as a number of bits per second or packets per second.

Default Settings for Traffic Storm Control

This table lists the default settings for traffic storm control parameters.

Table 1. Default Traffic Storm Control Parameters

Parameters

Default

Polling interval

1 second

Traffic storm control

Disabled

Enabling the Traffic Storm Control Feature

Before you can use the Traffic Storm Control feature, you must enable it.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Enters global configuration mode.

Step 2

(Optional) storm-control enable

(Optional)
Enables the Traffic Storm Control feature.
Step 3

(Optional) copy running-config startup-config

(Optional)

Copies the running configuration to the startup configuration.

Example

The following example shows how to enable the Traffic Storm Control feature: 

switch# configure terminal
switch(config)# storm-control enable
switch(config)# copy running-config startup-config

Setting the Traffic Storm Control Polling Interval

The default traffic storm control polling interval is 1 second. You can change this interval using this procedure.

Before you begin

The Traffic Storm Control feature must be enabled. See Enabling the Traffic Storm Control Feature.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Enters global configuration mode.

Step 2

(Optional) storm-control polling-interval seconds

(Optional)
Configures the polling interval as a number of seconds. The range is from 1 to 300 seconds.
Step 3

(Optional) copy running-config startup-config

(Optional)

Copies the running configuration to the startup configuration.

Example

The following example shows how to configure a storm-control level of 40 packets per second on unicast traffic: 

switch# configure terminal
switch(config)# storm-control polling-interval 2
switch(config)# copy running-config startup-config

Configuring Traffic Storm Control on an Ethernet Port Profile

On Ethernet port profiles, you can set the percentage of total available bandwidth, number of bits per second, or number of packets per second that the controlled traffic can use. You can also configure traffic storm control on individual interfaces. To do so, specify the interface instead of the port profile.


Note

Traffic storm control uses a default 1-second interval that can affect the behavior of traffic storm control. However, this interval can be changed, as shown in this procedure.

Before you begin

The Traffic Storm Control feature must be enabled. See Enabling the Traffic Storm Control Feature.

Procedure

  Command or Action Purpose
Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

(Optional) switch(config)# storm-control polling-interval seconds

(Optional)
Configures the polling interval as a number of seconds.
Step 3

switch(config)# port-profile type ethernet name

Enters port profile configuration mode.

Note 

You can also configure traffic storm control on individual interfaces. To do so, specify the interface instead of the port profile in this step. For example, specify interface ethernet slot/port .

Step 4

switch(config-port-prof)# storm-control {broadcast | multicast | unicast } [number bps | number pps | percentage number]

Configures traffic storm control for traffic on the port profile. The default state is disabled.

Step 5

switch(config-port-prof)# exit

Exits port profile configuration mode.

Step 6

(Optional) switch(config)# show running-config interface {ethernet slot/ port | port-channel number}

(Optional)

Displays the traffic storm control configuration.

Step 7

(Optional) switch(config)# copy running-config startup-config

(Optional)

Copies the running configuration to the startup configuration.

Example

The following example shows how to configure a storm-control to 40 bits per second on unicast traffic: 

switch# configure terminal
switch(config)# port-profile type ethernet ethpp
switch(config-port-prof)# storm-control unicast bbp 40
switch(config-port-prof)# exit
switch(config)# copy running-config startup-config

Configuring Traffic Storm Control on a vEthernet Port Profile

On the vEthernet port profile, you can set the number of bits per second or packets per second that the controlled traffic can use. You can also configure traffic storm control on individual interfaces. To do so, specify the interface instead of the port profile.


Note

Traffic storm control uses a 1-second interval that can affect the behavior of traffic storm control. However, this interval can be changed, as shown in this procedure.

Before you begin

The Traffic Storm Control feature must be enabled. See Enabling the Traffic Storm Control Feature.

Procedure

  Command or Action Purpose
Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

(Optional) switch(config)# storm-control polling-interval seconds

(Optional)
Configures the polling interval as a number of seconds.
Step 3

switch(config)# port-profile type vethernet name

Enters port profile configuration mode.

Note 

You can also configure traffic storm control on individual interfaces. To do so, specify the interface instead of the port profile in this step. For example, specify interface vethernet number .

Step 4

switch(config-port-prof)# storm-control {broadcast | multicast | unicast } [number bps | number pps ]

Configures traffic storm control for traffic on the port profile. The default state is disabled.

Step 5

switch(config-port-prof)# exit

Exits port profile configuration mode.

Step 6

(Optional) switch(config)# show running-config interface {vethernet interface-number}

(Optional)

Displays the traffic storm control configuration.

Step 7

(Optional) switch(config)# copy running-config startup-config

(Optional)

Copies the running configuration to the startup configuration.

Example

The following example shows how to configure a storm-control level of 40 packets per second on unicast traffic: 

switch# configure terminal
switch(config)# port-profile type vethernet vethpp
switch(config-port-prof)# storm-control unicast 40 pps
switch(config-if)# exit
switch(config)# copy running-config startup-config

Verifying Traffic Storm Control Configuration

To display traffic storm control configuration information, perform one of the following tasks:

Command

Purpose

vemcmd show storm stats

Displays the traffic storm control statistics for the VEM.

vemcmd show storm status

Displays the traffic storm control status of the VEM.

show running-config interface

Displays the traffic storm control configuration.

show running-config port-profile name

Displays the traffic storm control configuration of the specified port profile.

For detailed information about the fields in the output from these commands, see the Cisco Nexus 1000V Command Reference.

Configuration Example for Traffic Storm Control

The following example shows how to configure traffic storm control: 

interface Ethernet1/1 
  storm-control broadcast pps 40 
  storm-control multicast pps 40 
  storm-control unicast pps 40

Feature History for Traffic Storm Control

This table only includes updates for those releases that have resulted in additions to the feature.

Feature Name

Feature Information

Traffic Storm Control

5.2(1)SV3(1.1)

This feature was introduced.