Storm control on EXOS
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-27-2015 11:06 AM
How do you control broadcast storms, multicast storms, etc. in the Extreme EXOS, in the Cisco world there is "storm-control", but I don't see anything in EXOS to handle this. I recently had a go around with the even Intel I217-LM NIC driver that sends IPv6 Multicast Listener Discovery Queries from Lenovo M93p desktops when in power save mode on driver ver 12.6.47.0, upgrading to ver 12.6.x fixed the issue, but obviously the network is wide open for such issues.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-27-2015 02:52 PM
On the note of egress flood protection, I see that EXOS has the "config ports x:x rate-limit egress ", can this be used effectively to account for the IPv6 multicast flood I described?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-27-2015 01:56 PM
This is a pretty simple thing to execute on all ports. I have seen customers use scripts or simply copy paste to add it to all the switches. Using NS with its scripting will allow you to play the script across the whole network.
Another aspect is that I would suggest using a queue on the uplinks at a minimum to put broadcast into a queue and limit the amount egressing the switch. You can do the same with other packet types if needed. Just use an ACL to look at all FFs and place it into a queue like qp3 and set a max % on the port.
I would recommend being careful though if you do not understand the amount of traffic or the types of packets used by applications on your network you can cause issues.
Hope this helps
Another aspect is that I would suggest using a queue on the uplinks at a minimum to put broadcast into a queue and limit the amount egressing the switch. You can do the same with other packet types if needed. Just use an ACL to look at all FFs and place it into a queue like qp3 and set a max % on the port.
I would recommend being careful though if you do not understand the amount of traffic or the types of packets used by applications on your network you can cause issues.
Hope this helps
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-27-2015 01:40 PM
We had the exact same issue happening us. The problem with the limit is that it's ingress and if you have not protected yourself everywhere you will have the egress flood anyway. Other than that it works very well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-27-2015 11:46 AM
Great, thanks for the info...have you had any success or lack there of when setting these limits? Meaning, have you had settings that caused issues and are now using ones that are a better compromise?