Storm Suppression Configuration
Storm suppression is a security technique used to control broadcast, known multicast, unknown unicast, and unknown multicast packets, preventing these four types of packets from causing broadcast storms.
After configuring broadcast, known multicast, unknown unicast, and unknown multicast storm suppression on a port, when the traffic of broadcast, known multicast, unknown unicast, or unknown multicast packets on the port exceeds the threshold set by the user, the port will discard the packets that exceed the traffic threshold. This reduces the broadcast, known multicast, unknown unicast, and unknown multicast traffic on the port to a limited range, ensuring the normal operation of network services.
Configuration Examples
Section titled “Configuration Examples”Network requirements
As shown in the figure, assuming SwitchA is located between the Layer 2 network and the Layer 3 network, it needs to prevent broadcast/known multicast/unknown unicast and unknown multicast messages forwarded by the Layer 2 network from generating broadcast storms that can affect the normal operation of network services.
Procedure
Configure Ethernet1 port byte-based broadcast message suppression
sonic(config)# interface ethernet 1sonic(config-if-1)# storm-suppress multicast packets 1000sonic(config-if-1)# storm-suppress broadcast packets 1000sonic(config-if-1)# storm-suppress unknown packets 1000Verify configuration
sonic# show interfaces storm_suppressName Broadcast Broadcast_Rate Multicast Multicast_Rate Unkown Unkown_Rate------- ------- -------------- --------- -------------- ------- -----------Ethernet1 Enable 1000Kpps Enable 1000Kpps Enable 1000Kpps