OcNOS-SP : Quality of Service Guide : Quality of Service Configuration Guide : Rate Limiting BUM Traffic
Rate Limiting BUM Traffic
To prevent the CPU from getting flooded with Broadcast, Unknown Unicast, and Multicast (BUM) traffic, rate limiting can be applied at the ingress interface. This configuration is called “storm control” and is independent of the QoS feature, and can be configured directly on the interface in the ingress direction.
Configuring per port rate limiting for BUM traffic
BUM rate limiting can be configured on the interface via following command:
storm-control (broadcast|multicast|dlf) (level LEVEL | <0-4294967294> (kbps|mbps|gbps)) (burst-size <1-33292>|)
The broadcast option is for broadcast traffic, multicast option is for multicast traffic and dlf (Destination Lookup Failure) option is for unknown unicast traffic.
There are two ways to configure the rate limiting information. One is in percentage and the other is in absolute values. Use the level option to configure in percentage format where the link speed is used for rate calculation. Percentage value can be configured with up to four fractional digits in order to support kbps level rate limiting on 100 gbps ports, and the Absolute configuration option uses the input rate in kbps, mbps, or gbps.
Burst-size is an optional parameter, if storm control is not configured with burst-size, default value is calculated as 5ms of configured rate to limit the traffic.
An example of BUM rate limiting is shown below:
(config)#interface xe1
(config-if)#switchport
(config-if)#storm-control dlf 2 mbps
(config-if)#exit
In the configuration above, unknown unicast traffic received on xe1 will be rate limited to 2 mbps. Burst-size is calculated as 10 Kbps.
Note: Packets marked with color red are dropped by default by Qumran devices. This default behavior can be modified with global command to disable red packet drop. However, traffic policing and storm control will not work if red packet drop is disabled.
Note: Burst-range in Qumran: 1-33292 Kbps.
Note: Storm discard notification is sent in case of packet discards but not based on configuration.
Storm Detection Time
Rate-limit setting should take place immediately after detecting storm. With existing burst size, rate limit is happening after few seconds, if burst size should be changed to a lower value so that rate-limiting happens immediately on the switch. Also, user have a provision to change burst size through CLI.
An example of BUM rate limiting with Burst-size configuration is shown below:
(config)#interface xe1
(config-if)#switchport
(config-if)#storm-control broadcast 600 kbps burst-size 15
(config-if)#exit
In the configuration above, broadcast traffic received on xe1 will be rate limited to 600 kbps and Burst-size is configured as 15 Kbps. If traffic sent is 700 kbps. Time taken to detect the storm should be 0.15 Seconds.
Displaying BUM rate limit information
Use the following command to verify BUM rate limit configuration:
show storm-control (INTERFACE-NAME|)
Note: Discard counters for BUM rate limiting is not supported on Qumran.
#sh storm-control
*The hardware applicable value is displayed
Port BcastLevel(burst) McastLevel(burst) DlfLevel(burst)
xe1 600.000 kbps(15 Kbps) 100.0000%(0 Kbps) 2.000 mbps(10 Kbps)