Out of profile status and rate-limit flood

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
  • (Edited)
Model: Summit X460
Software version: 16.1

With the "rate-limit flood broadcast 500 out-actions log disable-port" configured. When a flood rate is exceeded. Is there another way to enable a port with a "Out of profile" status other than enter the command Clear port rate-limit flood ?
Photo of Marc

Marc

  • 100 Points 100 badge 2x thumb
  • unsure

Posted 2 years ago

  • 0
  • 1
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Marc,  

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10 
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.
Photo of Drew C.

Drew C., Community Manager

  • 38,610 Points 20k badge 2x thumb
Any luck, Marc?
Photo of Marc

Marc

  • 100 Points 100 badge 2x thumb
Yes it works. Can you explain why manually enabling a port with the command "enable port" after a port status goes "Out of profile" does not work but enabling a port trough a UPM script does reset it's status to "Ok"?
Thank you
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Marc, 

You mean you cannot enable a port with enable port x after a port status goes to Out of profile/disabled or the command clear port <port_list> rate-limit flood does not work?
Photo of Marc

Marc

  • 100 Points 100 badge 2x thumb
Hi,

I mean I cannot enable a port with enable port x after a port status goes to Out of profile. I need to use the command clear ports x rate-limit flood out-of-profile first.

When I tried to enable a port without clearing the counters first, the port enable and disable as soon as it is up.
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Marc, In my lab setup I was able to use both commands clear ports x rate-limit flood out-of-profile  and enable ports x. Both worked as expected.

If the traffic is still hitting the condition applied, then the port will go up/down right after using one of the 2 commands.

However, if the traffic stops hitting the rate-limit rule, then the port will remain up.

I have tested this scenario with EXOS 16.1.3.6 patch1-9.