Default storm control configuration, Port security, Dynamic secure mac address (mac id) – Rockwell Automation 1783-Mxxx Stratix 8000 and 8300 Ethernet Managed Switches User Manual User Manual

72

Rockwell Automation Publication 1783-UM003I-EN-P - March 2014

Chapter 3 Switch Software Features

Figure 9 - Storm Control Example

The combination of the storm-control suppression level and the 1-second time
interval controls the way the storm control algorithm works. A higher threshold
lets more packets pass through. A threshold value of 100% means that no limit is
placed on the traffic. A value of 0.0 means that all broadcast, multicast, or unicast
traffic on that port is blocked.

Default Storm Control Configuration

By default, unicast, broadcast, and multicast storm control are disabled. You can
set a threshold by using the Logix Designer application.

Port Security

The switch has two methods for limiting the MAC addresses (MAC IDs) that
can access a given port:

• Dynamic
• Static

Dynamic Secure MAC Address (MAC ID)

Many port roles have a maximum number of MAC IDs that can use that port.
For example, the Automation Device port role sets up the port for a maximum of
one MAC ID. The MAC ID is dynamic, meaning the switch learns the first
source MAC ID to use the port. Attempts by any other MAC ID to access the
port are denied.

If the link becomes inactive, the switch dynamically relearns the MAC ID to be
secured.

Forwarded Traffic

Blocked Traffic

Total number of

broadcast

packets or bytes

Threshold

Time

0

T1

T2

T3

T4

T5

IMPORTANT

Because packets do not arrive at uniform intervals, the 1-second time interval
during which traffic activity is measured can affect the behavior of storm
control.