Table Of Contents
Configuring Unknown Unicast Flood Control
Understanding UUFB and UUFRL
Configuring UUFB
Configuring UUFRL
Configuring Unknown Unicast Flood Control
This chapter describes how to configure the unknown unicast flood blocking (UUFB) and unknown unicast flood rate-limiting (UUFRL) features in Cisco IOS Software Release 12.2SX.
Note For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Software Releases 12.2SX Command References at this URL:
http://www.cisco.com/en/US/docs/ios/mcl/122sx_mcl.html
Understanding UUFB and UUFRL
Unknown unicast traffic is flooded to all Layer 2 ports in a VLAN. You can use the UUFB and UUFRL features to prevent or limit this traffic.
The UUFB feature blocks unknown unicast traffic flooding at a specific port, only permitting egress traffic with MAC addresses that are known to exist on the port. The UUFB feature is supported on all ports that are configured with the switchport command, including private VLAN (PVLAN) ports.
The UUFRL feature applies a rate limit globally to unknown unicast traffic on all VLANs.
Configuring UUFB
To configure UUFB, perform this task:
|
Command
|
Purpose
|
Step 1
|
Router# configure terminal
|
Enters global configuration mode.
|
Step 2
|
Router(config)# interface {{type1 slot/port} |
{port-channel number}}
|
Selects the interface to configure.
|
Step 3
|
Router(config-if)# switchport block unicast
|
Enables UUFB on the port.
|
Step 4
|
Router(config-if)# do show interfaces
[type1 slot/port] switchport | include unicast
|
Verifies the configuration.
|
This example shows how to configure UUFB on Fast Ethernet port 5/12 and how to verify the configuration:
Router# configure terminal
Router(config)# interface fastethernet 5/12
Router(config-if)# switchport block unicast
Router(config-if)# do show interface fastethernet 5/12 switchport | include unicast
Unknown unicast blocked: enabled
Configuring UUFRL
Note The UUFRL feature is only available with the Supervisor Engine 720-10GE.
To configure UUFRL, perform this task:
|
Command
|
Purpose
|
Step 1
|
Router# configure terminal
|
Enters global configuration mode.
|
Step 2
|
Router(config)# mls rate-limit layer2 unknown
rate-in-pps [burst-size]
|
Enables UUFRL and sets the maximum packet rate.
(Optional) Specify a burst size limit.
|
Step 3
|
Router(config)# exit
|
Exits configuration mode.
|
When you configure UUFRL, note the following information:
•For the rate-in-pps value:
–The range is 10 through 1,000,000 (entered as 1000000).
–There is no default value.
–Values lower than 1,000 (entered as 1000) should offer sufficient protection.
•For the burst-size value:
–The range is 1 through 255.
–The default is 10.
–The default value should provide sufficient protection.
This example shows how to configure UUFRL with a rate limit of 1000 pps with a burst of 20 packets:
Router# configure terminal
Router(config)# mls rate-limit layer2 unknown 1000 20