Overview
A broadcast storm occurs when huge amount of broadcast, multicast, or unknown unicast packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation or in the network configuration can also cause a storm. The mechanism to prevent and control such events is known as storm control or broadcast suppression.
Mitigation
Storm control uses rising and falling thresholds to block and then restore the forwarding of broadcast, unicast, or multicast packets.
- The rising threshold is the traffic limit after which, that particular traffic is blocked.
- The falling threshold is the traffic limit below which, that particular starts forwarding again, if it was already blocked.
Configure
# Configure
configure terminal
interface <interface-id>
storm-control {broadcast | multicast | unicast} level <level> [<level-low>]
storm-control {broadcast | multicast | unicast} level bps <bps> [<bps-low>]
storm-control {broadcast | multicast | unicast} level pps <pps> [<pps-low>]
storm-control action {shutdown | trap}
end
# Monitoring
show storm-control [interface-id] [broadcast | multicast | unicast]
show interfaces [interface-id] switchportParameter explanation
{broadcast | multicast | unicast}
Specifies the traffic type(s) you want to limit:
- Broadcast — controls the rate of broadcast traffic (e.g., ARP requests, DHCP Discover messages).
- Multicast — controls the rate of multicast traffic (e.g., streaming video, routing protocol updates).
- Unicast — controls the rate of unknown unicast traffic, i.e., frames sent to destinations not in the MAC address table (so they are flooded).
level
Defines the traffic threshold that triggers storm control.
There are three possible units to define it:
# Percentage
storm-control broadcast level 0.5 0.30.5→ 50% of bandwidth (upper threshold)0.3→ 30% (lower threshold)
# Bits per second (bps)
storm-control multicast level bps 10000000 5000000Limits multicast traffic to 10 Mbps (high threshold) and 5 Mbps (low threshold).
# Packets per second (pps)
storm-control unicast level pps 1000 800Limits unknown unicast traffic to 1000 packets per second, resumes below 800.