This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Rate-limit

Rate-limit

eyeV
New Contributor III

‎11-20-2014 10:01 AM

Hi everybody.
I have two Summit x670 (15.4.1.3) switches and I'd like to limit inbound broadcast, multicast and unknown unicast packets on specific ports. So, I've configured rate-limit to 500pps.

config port 3 rate-limit flood broadcast 500
config port 3 rate-limit flood multicast 500
config port 3 rate-limit flood unknown-destmac 500Then I see the output of "show ports 3 stat" command. I see only 10-20 pps, but Flood Rate Exceeded counter is increasing and I have log messages like
Flood Rate Limiting activated on Port 3
23 REPLIES 23

eyeV
New Contributor III

‎11-20-2014 10:51 AM

Ok. But I have about 50 vlans on this port.

Anyway, this is an output of show l2stats vlan Default command.

Bridge interface on VLAN Default:
Total number of packets to CPU = 5.
Total number of packets learned = 48.

Bridge interface on VLAN Default:
Total number of packets to CPU = 8.
Total number of packets learned = 70.

Bridge interface on VLAN Default:
Total number of packets to CPU = 11.
Total number of packets learned = 104.

Bridge interface on VLAN Default:
Total number of packets to CPU = 14.
Total number of packets learned = 132.

Bridge interface on VLAN Default:
Total number of packets to CPU = 16.
Total number of packets learned = 142.

Bridge interface on VLAN Default:
Total number of packets to CPU = 18.
Total number of packets learned = 174.
0 Kudos

PARTHIBAN_CHINN
Contributor

‎11-20-2014 10:39 AM

hello broadcast packets directly hit cpu.
unknown unicast [mac learning]
Total number of packets learned = 38837.
clear l2stats
show l2stats vlan -run this command 5 times with 1 sec interval to see how many
packets are hitting cpu.
0 Kudos

eyeV
New Contributor III

‎11-20-2014 10:32 AM

I can write an acl like.
entry BCAST {
if {
ethernet-destination-address ff:ff:ff:ff:ff:ff;
}
then {
packet-count bcast-pkt;
}
}As to "show l2stats". I don't see any broadcast or multicast counters in output of this command. I see only
Bridge interface on VLAN Default:
Total number of packets to CPU = 2923.
Total number of packets learned = 38837.
Total number of IGMP control packets snooped = 255.
Total number of IGMP data packets switched = 218.
Total number of MLD control packets snooped = 0.
Total number of MLD data packets switched = 0.

0 Kudos

PARTHIBAN_CHINN
Contributor

‎11-20-2014 10:16 AM

can you write an acl to count the ingress packets.
just to confirm what packets are seen.
show l2stats for that specific vlan.
see how many packets are multicast and how many are broadcast.
clear l2stats
show l2stats vlan
0 Kudos
GTM-P2G8KFN