OcNOS-RON : Quality of Service Guide : Quality of Service Configuration Guide : Rate Limiting BUM Traffic
Rate Limiting BUM Traffic
To prevent the CPU from getting flooded with Broadcast, Unknown Unicast, and Multicast (BUM) traffic, rate limiting can be applied at the ingress interface. This configuration is called “storm control” and is independent of the QoS feature, and can be configured directly on the interface in the ingress direction.
Configuring per port rate limiting for BUM traffic
BUM rate limiting can be configured on the interface via following command:
storm-control (broadcast|multicast|dlf) (level LEVEL |<0-4294967294> (kbps|mbps|gbps|fps)) (burst-size <32-128000>|)
The broadcast option is for broadcast traffic, multicast option is for multicast traffic and dlf (Destination Lookup Failure) option is for unknown unicast traffic.
There are two ways to configure the rate limiting information. One is in percentage and the other is in absolute values. Use the level option to configure in percentage format where the link speed is used for rate calculation. Percentage value can be configured with up to four fractional digits in order to support kbps level rate limiting on 100 gbps ports, and the Absolute configuration option uses the input rate in kbps, mbps, fps, or gbps.
Burst-size is an optional parameter, if storm control is not configured with burst-size, default value is calculated as 5ms of configured rate to limit the traffic. Minimum of 32 Kbps burst will be allocated if the calculated value is below 32 Kbps.
An example of BUM rate limiting is shown below:
(config)#interface xe1
(config-if)#switchport
(config-if)#storm-control dlf 2 mbps
(config-if)#commit
(config-if)#exit
In the configuration above, unknown unicast traffic received on xe1 will be rate limited to 1.98 mbps. Burst-size is calculated as 32 Kbps.
Note: Minimum granularity for storm-control is 64 Kbps.
Note: Burst-range in XGS : 32-128000 Kbps.
Note: Storm Discard notification is sent in case of packet discards but not based on configuration.
Storm Detection Time
Rate-limit setting should take place immediately after detecting storm. With existing burst size, rate limit is happening after few seconds, if burst size should be changed to a lower value so that rate-limiting happens immediately on the switch. Also, user have a provision to change burst size through CLI.
An example of BUM rate limiting with Burst-size configuration is shown below:
(config)#interface xe1
(config-if)#switchport
(config-if)#storm-control broadcast 600 kbps burst-size 40
(config-if)#commit
(config-if)#exit
In the configuration above, broadcast traffic received on xe1 will be rate limited to 600 kbps and Burst-size is configured as 40 Kbps. If traffic sent is 700 kbps. Time taken to detect the storm should be 0.32 Seconds.
Storm Control Notifications
When storm control occurs in switch, there is no direct way for the user to identify the storm apart from discard counters with "show storm-control" CLI. So SNMP trap and syslog notifications are generated for the user to know about the storm control.
If storm-control occurs, based on the rate-limit discard counters, a Syslog notification and SNMP trap is generated. As the rate-limit packet discards stops, another syslog notification and SNMP trap is generated that storm packet discards are stopped.
Displaying BUM rate limit information
Use the following command to verify BUM rate limit configuration:
show storm-control (INTERFACE-NAME|)
show storm-control
*The hardware applicable value is displayed
Port BcastLevel(burst) McastLevel(burst) DlfLevel(burst) Discards
xe1 576.000 kbps(40 Kbps) 100.0000%(0 Kbps) 1.984 mbps(32 Kbps) 125411
 
2021 Sep 23 19:51:09.639 : OcNOS : HSL : NOTIF : [IF_STORM_DISCARDS_4]: Storm control discards started on interface xe1 total discards 364173
 
2021 Sep 23 19:52:45.740 : OcNOS : HSL : NOTIF : [IF_STORM_DISCARDS_4]: Storm control discards stopped on interface xe1 total discards 1272806