Port thresholds, Incoming (storm control) – Rockwell Automation 1783-BMxxx Stratix 5700 Ethernet Managed Switches User Manual User Manual

Rockwell Automation Publication 1783-UM004E-EN-P - June 2014

95

Switch Software Features Chapter 3

Port Thresholds

Port thresholds prevent traffic on a LAN from being disrupted by a broadcast,
multicast, or unicast storm on one of the physical interfaces. Port Thresholds do
not apply to switches with lite firmware.

A LAN storm occurs when packets flood the LAN, creating excessive traffic and
degrading network performance. Errors in the protocol-stack implementation,
mistakes in network configurations, or users issuing denial-of-service attacks can
cause a storm.

Incoming (storm control)

Incoming port thresholds (or traffic suppression) monitors packets passing from
an interface to the switching bus and determines if the packet is unicast,
multicast, or broadcast. The switch counts the number of packets of a specified
type received within the 1-second time interval and compares the measurement
with a predefined suppression-level threshold.

Port thresholds uses one of these methods to measure traffic activity:

• Bandwidth as a percentage of the total available bandwidth of the port that

can be used by the broadcast, multicast, or unicast traffic.

• Traffic rate in packets per second at which broadcast, multicast, or unicast

packets are received.

• Traffic rate in bits per second at which broadcast, multicast, or unicast

packets are received.

With each method, the port blocks traffic when the rising threshold is reached.
The port remains blocked until the traffic rate drops below the falling threshold
and then resumes normal forwarding. In general, the higher the level, the less
effective the protection against broadcast storms.

The graph shows broadcast traffic patterns on an interface over a given period of
time. The example can also be applied to multicast and unicast traffic. In this
example, the broadcast traffic being forwarded exceeded the configured
threshold between time intervals T1 and T2 and between T4 and T5. When the
amount of specified traffic exceeds the threshold, all traffic of that kind is
dropped for the next time period. Therefore, broadcast traffic is blocked during
the intervals following T2 and T5. At the next time interval (for example, T3), if
broadcast traffic does not exceed the threshold, it is again forwarded.

IMPORTANT

When the port threshold for multicast traffic is reached, all multicast traffic

except network management traffic, such as bridge protocol data unit (BDPU)
and Cisco Discovery Protocol (CDP) frames, are blocked.