Catalyst 4500 Series Software Configuration Guide, 7.5 - Configuring Unicast Flood Blocking [Support]

Table Of Contents

Configuring Unicast Flood Blocking

Understanding Unicast Flood Blocking

Configuration Guidelines for Unicast Flood Blocking

Configuring Unicast Flood Blocking

Enabling Unicast Flood Blocking

Disabling Unicast Flood Blocking

Displaying Unicast Flood Blocking

Configuring Unicast Flood Blocking

This chapter describes how to configure unicast flood blocking on the Catalyst enterprise LAN switches.

Note For complete syntax and usage information for the commands used in this chapter, refer to the Command Reference—Catalyst 4000 Family, Catalyst 2948G, and Catalyst 2980G Switches.

This chapter consists of these major sections:

•Understanding Unicast Flood Blocking

•Configuration Guidelines for Unicast Flood Blocking

•Configuring Unicast Flood Blocking

Understanding Unicast Flood Blocking

You can enable unicast flood blocking on any Ethernet port on a per-port basis. Unicast flood blocking gives you the option to drop unicast flood packets on an Ethernet port that has only one host connected to the port. All Ethernet ports on a switch are configured to allow unicast flooding; with unicast flood blocking you can drop unicast flood packets before they reach the port.

Caution You must have a static CAM entry associated with the Ethernet port before you enable unicast flood blocking. If you do not have a static CAM entry associated with the port, you will lose network connectivity if you enable unicast flood blocking. You can verify that a static CAM entry exists by entering the show cam static command.

Note If you are configuring unicast flood blocking on a secure port; see "Configuring Port Security."

Configuration Guidelines for Unicast Flood Blocking

This section lists the guidelines for configuring unicast flood blocking:

•Only Ethernet ports can block unicast flood traffic.

•If the Ethernet port is part of an IPX network, you must manually enter a static CAM entry in the CAM table before you disable unicast flood on the port.

•You cannot configure unicast flood blocking on SPAN destination ports.

•You cannot configure a SPAN destination on a unicast flood blocking port.

•You cannot configure unicast flood blocking on a trunk port. If you attempt to configure unicast flood blocking on a trunk port, you will see an error message.

•You cannot configure unicast flood blocking on a port channel.

•You cannot configure a port channel on a unicast flood blocking port.

•Unicast flood blocking and GARP VLAN Registration Protocol (GVRP) are mutually exclusive. You cannot configure the port to block unicast flood packets and exchange VLAN configuration information with GVRP switches at the same time.

Configuring Unicast Flood Blocking

These sections describe how to configure unicast flood blocking:

•Enabling Unicast Flood Blocking

•Disabling Unicast Flood Blocking

•Displaying Unicast Flood Blocking

Note When you configure unicast flood blocking, it is important to remember that it is given priority over other features, such as protocol filtering.

Enabling Unicast Flood Blocking

To configure the switch to drop unicast flood packets on a port, you must disable the unicast flood blocking feature.

Note The port disables unicast flooding once the MAC address limit is reached.

To configure unicast flood blocking, perform this task in privileged mode:

Task

Command

Enable unicast flood block on the desired Ethernet ports.

set port unicast-flood mod/port disable

This example shows how to configure the switch to disable unicast flood packets on a port:
Console> (enable) set port unicast-flood 4/1 disable
WARNING: Trunking & Channelling will be disabled on the port. 
Unicast Flooding is successfully disabled on the port 4/1. 
Console> (enable) 
Disabling Unicast Flood Blocking

To configure the switch to receive unicast flood packets on a port, you must enable the unicast flood feature.

To configure unicast flood blocking, perform this task in privileged mode:

Task

Command

Disable unicast flood blocking on the desired Ethernet ports.

set port unicast-flood mod/port enable

This example shows how to disable unicast flood blocking on a port:
Console> (enable) set port unicast-flood 4/1 enable
Unicast Flooding is successfully enabled on the port 4/1. 
Console> (enable) 
Displaying Unicast Flood Blocking

To display unicast flood blocking information, perform this task in privileged mode:

Task

Command

Display unicast flood blocking information on a per-port basis.

show port unicast-flood mod/port

This example shows how to display unicast flood block information for port 1 on module 4:
Console> (enable) show port unicast-flood 4/1 
Port      Unicast Flooding 
----      ---------------- 
4/1       Disabled 
Console> (enable) 