This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Clear flow "delta" action

Clear flow "delta" action

eyeV
New Contributor III

‎05-23-2014 11:07 AM

Hi everybody. I have trouble again...

I'd like to create an OpenFlow rule which sends the syslog message when broadcast rate reaches 1000 pps in some VLANs. I've applied this rule to VLAN and disabled all ports on the switch. But I see those syslog messages... What's wrong with rule?

entry BCAST-PKT {
if {
ethernet-destination-address ff:ff:ff:ff:ff:ff;
}
then {
count bcast-pkt;
}
}
entry BCAST_flood {
if {
delta bcast-pkt > 1000;
hysteresis 100;
period 1 ;
}
then {
syslog "Too many broadcast frames in VLAN $VlanName... Rule $ruleName exceeds limit $ruleThreshold" WARN 120;
}
else {
syslog "Broadcast frames in VLAN $VlanName falls bellow rate." WARN;
}
}
Slot-1: Too many broadcast frames in VLAN v20... Rule BCAST_flood exceeds limit 1000.000000
Slot-1: Too many broadcast frames in VLAN v11... Rule BCAST_flood exceeds limit 1000.000000
Slot-1: Too many broadcast frames in VLAN v22... Rule BCAST_flood exceeds limit 1000.000000
Slot-1: Too many broadcast frames in VLAN v31... Rule BCAST_flood exceeds limit 1000.000000

Slot-1: Broadcast frames in VLAN v20 falls bellow rate.
Slot-1: Broadcast frames in VLAN v11 falls bellow rate.
Slot-1: Broadcast frames in VLAN v22 falls bellow rate. Slot-1: Broadcast frames in VLAN v31 falls bellow rate.
0 Kudos
13 REPLIES 13

Drew_C
Valued Contributor III
In response to eyeV

‎02-04-2015 04:43 AM

Right now that CR shows that it is assigned to an engineer to be fixed, but hasn't been built into a release version of EXOS yet.
0 Kudos

eyeV
New Contributor III
In response to eyeV

‎02-04-2015 04:43 AM

It would be great. The CR number is xos0057835.
0 Kudos

Drew_C
Valued Contributor III
In response to eyeV

‎02-04-2015 04:43 AM

What's the CR number? I'll look it up for you.
0 Kudos

Sumit_Tokle
Contributor

‎05-26-2014 12:31 AM

It's depends on how much traffic you are expecting.
0 Kudos

eyeV
New Contributor III

‎05-24-2014 07:37 AM

I've changed policy again

entry BCAST-PKT {
if match all {
ethernet-destination-address ff:ff:ff:ff:ff:ff ;
}
then {
count bcast-pkt ;
}
}
entry BCAST_flood {
if match all {
delta bcast-pkt > 20 ;
period 10 ;
}
then {
syslog "$RuleValue Too many broadcast frames in VLAN $VlanName... Rule $ruleName exceeds limit $ruleThreshold" WARN 30 ;
}
else {
syslog "Broadcast frames in VLAN $VlanName falls bellow rate." WARN ;
}
}

And it seems that rule works correct. Can I set the value of 1 second for the period?

0 Kudos
GTM-P2G8KFN