Storm Control

Storm Control

1. Function Overview

This product provides a storm control function as a countermeasure against L2 loops and DoS attacks.
Broadcasts, multicasts, and unicast (dlf) frames that are addressed to an unknown host are monitored for each LAN port, and frames that exceed a preset threshold value are discarded.
This prevents such frames from taking up bandwidth on the LAN port.

2. Definition of Terms Used

Broadcast Storm/Multicast Storm

This means a situation where frames addressed for broadcast or multicast are continuously forwarded.
In this situation, the switch floods all ports except for the reception port with the broadcast or multicast.
When this is received by another switch, all ports except for the reception port are flooded in the same way.
When this continues, it can lead to the following symptoms.

  • Bandwidth is taken up by the broadcast frames/multicast frames

  • The switch’s CPU load increases, making normal operations difficult

  • Devices connected to the switch become unable to communicate

Unicast Storm

This means a situation where frames addressed to an unknown unicast destination (dlf: Destination Lookup Failure) are continuously forwarded.
When the MAC address of the receiving device has not been registered in the ARP table, all ports on the switch except for the reception port are flooded.
This leads to the same symptoms occurring as with a broadcast storm or multicast storm.

3. Function Details

The operating specifications for storm control are shown below.

  1. The storm control function can be enabled for LAN ports.
    The setting is disabled for all ports by default.

  2. Storm control on this product can be specified as a tolerance percentage for the bandwidth of the LAN ports that receive broadcast frames, multicast frames, and frames addressed to an unknown unicast destination.
    (Control can be made in two decimal points. Specifying 100% is the same as disabling the storm function.)
    The bandwidth tolerance is common for all frames, and the user can select the applicable frames.
    This setting is made using the storm-control command.

  3. When frames exceeding the permitted bandwidth are received, the excessive frames are discarded.

  4. Use the show storm-control command to check the storm control information set for the LAN port.

4. Related Commands

Related commands are indicated below.
For command details, refer to the command reference.

Operations Operating commands

Set storm control

storm-control

Show storm control reception upper limit

show storm-control

5. Examples of Command Execution

In this example, the receivable L2 broadcast packets for LAN port 1 are restricted to a port bandwidth of 30%.

image

Yamaha(config)#interface port1.1
Yamaha(config-if)#storm-control broadcast level 30 (1)
Yamaha(config-if)#end
Yamaha#
Yamaha#show storm-control
Port        BcastLevel    McastLevel    UcastLevel
port1.1       30.00%       100.00%       100.00%
port1.2      100.00%       100.00%       100.00%
port1.3      100.00%       100.00%       100.00%
port1.4      100.00%       100.00%       100.00%
port1.5      100.00%       100.00%       100.00%
port1.6      100.00%       100.00%       100.00%
port1.7      100.00%       100.00%       100.00%
port1.8      100.00%       100.00%       100.00%
port1.9      100.00%       100.00%       100.00%
port1.10     100.00%       100.00%       100.00%
1 Limit broadcast to 30% of bandwidth