[116832] in North American Network Operators' Group
Alternatives to storm-control on Cat 6509.
daemon@ATHENA.MIT.EDU (Peter George)
Fri Aug 21 06:40:11 2009
From: Peter George <Peter.George@lumison.net>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Fri, 21 Aug 2009 11:39:34 +0100
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hello,
I have several Catalyst 6500 (Supervisor 32) aggregation switches with WS-X=
6148A-GE-TX and WS-X6148-GE-TX line cards.
These line cards do not support storm-control/broadcast suppression. This i=
mpacted us badly during a recent spanning tree event.
As it stands, we are at risk of overwhelming control planes with excess bro=
adcast or multicast traffic, and I need to find alternative ways to protect=
these switches.
I have been researching STP enhancements, and control-plane policing in the=
following documents, and would appreciate advice from engineers who may ha=
ve had to implement similar workarounds for storm-control in a service prov=
ider setting.
* Configuring Denial of Service Protection
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/config=
uration/guide/dos.pdf
* Configuring Control Plane Policing
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/config=
uration/guide/cntl_pln.pdf
* Configuring Optional STP Features
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/config=
uration/guide/stp_enha.pdf
So, if we can't mitigate against STP events using storm-control or broadcas=
t suppression, what might be the best combination of STP enhancements and c=
ontrol-plane policing?
For example, is it possible to rate-limit broadcast/multicast, STP and ARP =
on a per VLAN basis? If so, how?
Many thanks,
P
--
Peter George
Lumison
t: 0845 1199 900
d: 0131 514 4022
P.S. Lumison have changed the way businesses communicate forever http://www=
.unified-communications.net/
________________________________
--
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
