EOS - S-Series: Sending Trap if broadcast suppression limit is reached

  • 0
  • 1
  • Question
  • Updated 11 months ago
  • Answered
Is it possible that s-series (or K or 7100) are send an traps if the broadcast supression threshold value is reached ?

I do that with all my EXOS stuff and what using the same mechanism with EOS.

Regards
Photo of M.Nees

M.Nees, Embassador

  • 9,126 Points 5k badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Bastian Sprotte

Bastian Sprotte, Employee

  • 1,610 Points 1k badge 2x thumb
Matthias,
that is not supported in EOS, as this is an MAC chip function and the MAC chip will not alert the OS about the condition. We had reviewed the option to poll these counters internal, but decide the NMS will poll the counter per SNMP and an Flexview is available.
We have no plans to add that function to EOS as i know.
regards
Bastian
-
Photo of M.Nees

M.Nees, Embassador

  • 9,126 Points 5k badge 2x thumb
Thanks a lot for that further explanation.

Regards
Photo of M.Nees

M.Nees, Embassador

  • 9,126 Points 5k badge 2x thumb
Hi Bastian,

thinking twice about that limitation. I think there will be surely a solution for EOS that these systems are able to sending traps if the limit was exceeded. (i think checking threshold exceeding within EOS OS in a fixed intervall was enough).

My customer and i have huge problems to use a common configuration although we have only extreme networks gear (no other vendor). Over the time it is unavoidable to have EOS and EXOS staff in the same network.  

But it is sometimes very hard because these two OSes does not offer the same feature or sometimes have opposed concepts.

So from my side it will be very usefull to enhance EOS in this way to offer the same mechanism like EXOS. S / K / 7100 are still update to date switching HW.


Regards,
Matthias
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hello Matthias,

EOS provides this functionality already, it is called CoS-based flood control. See e.g the documentation or some GTAC Knowledge articles like Network being flooded with Multicast packets causing Network outages and How To Clear CoS Flood Violation on S-Series. There is an article on The Hub as well, Purpose of the 'cos flood-ctrl' command set.

This feature is available on the SecureStacks and similar as well, not only on S/K/7100. Even the old N-Series provided this feature.

If you use CoS-based flood control to limit multicast frames, you should ensure to use a recent enough firmware containing the fix for the issue N/S/K Series : COS Flood Control for multicast traffic drops BPDUs and affects Spanning Tree behavior.

In contrast to the simple broadcast limiters, CoS-based flood control can be used to individually limit broadcast, multicast, and unknown unicast frames. In this regard it is similar to Cisco's Traffic Storm Control. [Cisco IOS cannot limit unknown unicast frames, the Traffic Storm Control unicast limit affects all unicast frames. Cisco NX-OS can limit unknown unicast frames using the same configuration commands as Cisco IOS. ExtremeEOS correctly limits unknown unicast frames if told to do so.]

The EXOS equivalent would be rate-limit flood. See How to Rate Limit Multicast or Broadcast Flooded traffic on EXOS as well.

Thanks,
Erik

[Edited to add some links]
(Edited)
Photo of M.Nees

M.Nees, Embassador

  • 9,126 Points 5k badge 2x thumb
Hi Eric,
thanks a lot for the valueable advice - this was excactly what i (my customers) needs!

I will try that.

Thanks also to give me the advice regarding the EOS firmware. That a topic at my current installation.

Let 's configure and run better networks ;-))

Regards
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hello Matthias,

if you use the CoS-based flood control instead of the basic broadcast limiter (set cos port-config flood-ctrl), you can use set cos port-resource flood-ctrl to send a sylog message, a trap, or disable the port if the configured threshold is reached. You need to enable CoS (set cos state enable) to actually use this feature.

Thanks,
Erik
Photo of Peter

Peter

  • 806 Points 500 badge 2x thumb
Is there a way to only notify via syslog or trap when broadcast limit threshold is reached and not to act/drop frames?

When I understand right "set cos port-resource flood-ctrl" does not have this option...