storm_control

You stand between the storm on the Horizon and the one forming on your LAN!

This will actually be a relatively short post, as there is not a whole lot to the configuration for Storm Control (that I know to cover for the SWITCH exam), however this should be more than enough to get you through exam day and help you on the job.

Through CCNA studies, we all know that Storms can come in the form of Broadcast / Multicast / (Unknown) Unicast packets being recycled around the network, until they are consuming a considerable amount of bandwidth and slowing things down – This is where Storm-Control comes into play.

Storm-Control is configured on the interface level of switch ports, to set a threshold or percentage of the available bandwidth a certain type of traffic can utilize, before a configured action is taken, then when a secondary threshold is met (traffic comes down in utilization) it backs off the action taken.

Lets take a look at Storm-Control configuration

In this example I will set a threshold for Broadcast traffic Utilization on Fa1/0/1:

SW1(config)#int fa1/0/1
SW1(config-if)#
SW1(config-if)#storm-control ?
action Action to take for storm-control
broadcast Broadcast address storm control
multicast Multicast address storm control
unicast Unicast address storm control

SW1(config-if)#storm-control broadcast ?
level Set storm suppression level on this interface

SW1(config-if)#storm-control broadcast level ?
<0.00 – 100.00> Enter rising threshold
bps Enter suppression level in bits per second
pps Enter suppression level in packets per second

SW1(config-if)#storm-control broadcast level 50 ?
<0.00 – 100.00> Enter falling threshold
<cr>

SW1(config-if)#storm-control broadcast level 50 35 ?
<cr>

SW1(config-if)#storm-control broadcast level 50 35

BPS and PPS may work if you are very familiar with your LAN throughput, you can actually make an educated guess as to how to set this based on “sh int faX/X/X” statistics, however I will stick with percentage.

This time slot concept for storm-control concept is a bit odd, so stay with me

Storm-Control has a sort of odd way of when it goes into Action, because it uses Time Slots (which I will not go into those details here), however the previous times slots statistics will determine the following time slots Action as shown here:

Storm_Time

You would think that once under the Threshold set the Packet Drops may stop, or even when the low Threshold is hit the Packet Drops will stop, but that is wrong!

We see beginning in Time Slot 1 that the 50% Threshold is broken, however no Action is taken until the next time slot, because the current time slots Statistics effects the next Time Slots actions!

So then in Time Slot 2 the storm-control Action begins (packet drops by Default), and the Action doesn’t stop once it drops back below the Threshold of 50%, or even in Time Slot 3 where it goes finally goes back below the Low Threshold of 35%.

For the Action to stop taking effect there must be an entire Time Slot (4 in the example), where the traffic stays UNDER the Low Threshold before it will back off its configured Action to take for Storm Control, and allow for Forwarding of the specified Traffic type.

Speaking of Storm Control Actions, how to configure those, and what they do!

Configuring the Action taken when threshold is hit (again at interface level):

SW1(config-if)#storm-control ?
action Action to take for storm-control
broadcast Broadcast address storm control
multicast Multicast address storm control
unicast Unicast address storm control

SW1(config-if)#storm-control action ?
shutdown Shutdown this interface if a storm occurs
trap Send SNMP trap if a storm occurs

SW1(config-if)#storm-control action shutdown ?
<cr>

SW1(config-if)#storm-control action trap ?
<cr>

Once a threshold hold is hit it either shuts down / open back up the port, or sends an SNMP Trap message indicating this, whichever you choose there are no modifiers.

Note – An Interface shutdown by Storm Control “Action” goes into an err-disable state when shutdown, and can be brought back up with errdisable recovery!

How to enable Errdisable Recovery in time intervals rather than by cause!

SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#errdisable ?
detect Error disable detection
flap-setting Error disable flap detection setting
recovery Error disable recovery

SW1(config)#errdisable recover ?
cause Enable error disable recovery for application
interval Error disable recovery timer value

SW1(config)#errdisable recover interval ?
<30-86400> timer-interval(sec)

SW1(config)#errdisable recover interval 30

This could come in handy on exam day if you can’t see the cause listings, you can just use interval to bring anything out of err-disable state, but if its still misconfigured it will go right back into err-disabled state until fixed!

Now for some Verification of Storm Control settings!

Some verification (of course!):

On the Interface

SW1(config-if)#do sh run int fa1/0/1
Building configuration…

Current configuration : 109 bytes
!
interface FastEthernet1/0/1
storm-control broadcast level 50.00 35.00
storm-control action shutdown
end

This is the only command I’ve found to actually show the “storm-control action” configured for an interface, as you will see in the next few verification commands here.

“sh storm-control”:

SW1(config-if)#do sh storm-control
Interface Filter State Upper Lower Current
——— ————- ———– ———– ———-
Fa1/0/1 Forwarding 50.00% 35.00% 0.00%

Pretty self explanatory, this is the command that will show ALL interfaces configured, and their configuration values for storm-control – You may see “Dropping” or “Shutdown” under some “Filter State” fields on exam day if a Threshold Action is in effect.

A couple different ways to look at individual interface storm-control:

SW1#sh storm-control fa1/0/1
Interface Filter State Upper Lower Current
——— ————- ———– ———– ———-
Fa1/0/1 Forwarding 50.00% 35.00% 0.00%

SW1#sh storm-control fa1/0/1 ?
broadcast Broadcast storm control
multicast Multicast storm control
unicast Unicast storm control
| Output modifiers
<cr>

SW1#sh storm-control fa1/0/1 broadcast
Interface Filter State Upper Lower Current
——— ————- ———– ———– ———-
Fa1/0/1 Forwarding 50.00% 35.00% 0.00%
SW1#

It gives the same information, however you may be tasked to issue a command to specifically “Multicast” or “Unicast” storm-control configs on exam day, so this is how you would do that.

Storm-Control can also be configured on both Trunk and Port-Channel interfaces, however with the higher traffic throughput, it may cause more problems than it solves so be careful with deploying it over these type of links.

That does it for Storm-Control, you are now a Storm Control Expert!