Storm control – Rockwell Automation 1783-Mxxx Stratix 8000 and 8300 Ethernet Managed Switches User Manual User Manual

Rockwell Automation Publication 1783-UM003I-EN-P - March 2014

71

Switch Software Features Chapter 3

Storm Control

Storm control prevents traffic on a LAN from being disrupted by a broadcast,
multicast, or unicast storm on one of the physical interfaces. A LAN storm occurs
when packets flood the LAN, creating excessive traffic and degrading network
performance. Errors in the protocol-stack implementation, mistakes in network
configurations, or users issuing a denial-of-service attack can cause a storm.

Storm control (or traffic suppression) monitors packets passing from an interface
to the switching bus and determines if the packet is unicast, multicast, or
broadcast. The switch counts the number of packets of a specified type received
within the 1-second time interval and compares the measurement with a
predefined suppression-level threshold.

Storm control uses one of these methods to measure traffic activity:

• Bandwidth as a percentage of the total available bandwidth of the port that

can be used by the broadcast, multicast, or unicast traffic.

• Traffic rate in packets per second at which broadcast, multicast, or unicast

packets are received.

• Traffic rate in bits per second at which broadcast, multicast, or unicast

packets are received.

With each method, the port blocks traffic when the rising threshold is reached.
The port remains blocked until the traffic rate drops below the falling threshold
and then resumes normal forwarding. In general, the higher the level, the less
effective the protection against broadcast storms.

The graph shows broadcast traffic patterns on an interface over a given period of
time. The example can also be applied to multicast and unicast traffic. In this
example, the broadcast traffic being forwarded exceeded the configured
threshold between time intervals T1 and T2 and between T4 and T5. When the
amount of specified traffic exceeds the threshold, all traffic of that kind is
dropped for the next time period. Therefore, broadcast traffic is blocked during
the intervals following T2 and T5. At the next time interval (for example, T3), if
broadcast traffic does not exceed the threshold, it is again forwarded.

IMPORTANT

When the storm control threshold for multicast traffic is reached, all multicast

traffic except network management traffic, such as bridge protocol data unit
(BDPU) and Cisco Discovery Protocol (CDP) frames, are blocked.