Header Only - DO NOT REMOVE - Extreme Networks

Out of profile status and rate-limit flood


Model: Summit X460 Software version: 16.1 With the "rate-limit flood broadcast 500 out-actions log disable-port" configured. When a flood rate is exceeded. Is there another way to enable a port with a "Out of profile" status other than enter the command Clear port rate-limit flood ?

7 replies

Userlevel 6
Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.
Henrique wrote:

Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.

Thanks for the answer,
I will try that tomorrow. I suspect that enabling a port with a "Out of profile" status won't work.
Userlevel 7
Henrique wrote:

Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.

Any luck, Marc?
Henrique wrote:

Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.

Yes it works. Can you explain why manually enabling a port with the command "enable port" after a port status goes "Out of profile" does not work but enabling a port trough a UPM script does reset it's status to "Ok"?
Thank you
Userlevel 6
Henrique wrote:

Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.

Hi Marc,

You mean you cannot enable a port with enable port x after a port status goes to Out of profile/disabled or the command clear port rate-limit flood does not work?
Henrique wrote:

Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.

Hi,

I mean I cannot enable a port with enable port x after a port status goes to Out of profile. I need to use the command clear ports x rate-limit flood out-of-profile first.

When I tried to enable a port without clearing the counters first, the port enable and disable as soon as it is up.
Userlevel 6
Henrique wrote:

Hi Marc,

You might be able to do that using UPM script triggered by an EMS event "vlan.msgs.FldRateOutActDsblPort" which is related to that flood control out-action disable-port.

Example:

create upm profile "enableport"
enable port 10
.

Note: The script above is related to flood control applied to port 10

create log filter "disableportflood"
configure log filter "disableportflood" add events "vlan.msgs.FldRateOutActDsblPort"

create log target upm "enableport"
configure log target upm "enableport" filter "disableportflood"
enable log target upm "enableport"

As soon as the port 10 is disabled by the flood control feature, a log message is created and the UPM is triggered to enable the port.

Please let me know if that can give some clue otherwise we can think in another solution.

Hi Marc, In my lab setup I was able to use both commands clear ports x rate-limit flood out-of-profile and enable ports x. Both worked as expected.

If the traffic is still hitting the condition applied, then the port will go up/down right after using one of the 2 commands.

However, if the traffic stops hitting the rate-limit rule, then the port will remain up.

I have tested this scenario with EXOS 16.1.3.6 patch1-9.

Reply