[74268] in North American Network Operators' Group
Re: L2 Broadcast/multicast limits on ethernet ports
daemon@ATHENA.MIT.EDU (Arien Vijn)
Mon Sep 20 17:01:07 2004
In-Reply-To: <20040920193225.82173.qmail@web88203.mail.re2.yahoo.com>
Cc: Arien Vijn <arien.vijn@ams-ix.net>, nanog@merit.edu
From: Arien Vijn <arien+nanog@ams-ix.net>
Date: Mon, 20 Sep 2004 22:45:31 +0200
To: KASHIF SALAMM <ksalam@rogers.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Sep 20, 2004, at 9:32 PM, KASHIF SALAMM wrote:
> Thanx Arien
> =A0
> Yes that's the command we will be doing.
> =A0
> The basic purpose is to stop the cpu's=A0 to shoot up to 70 + %=20
> utilistaion and to crash/reboot as we experienced the same.
> =A0
> What numbers you are using for 10/100/1000 ports.
We use it global for all ports.
#sh run | i limit
broadcast limit 500
multicast limit 10000
unknown-unicast limit 1000
The numbers are based on tests we did on the IronCore hardware. We too=20=
wanted to limit CPU utilisation. Connected switches remained usable=20
while the address learning rate was not affected.
But again it are egress limits. Multicast, broadcast and unknown=20
unicast frames hit the CPU before they are dropped or forwarded.
Kind regards, Arien
