Configuring traffic suppression and storm control on S series switches

For S series switches (except S1700 switches):
Traffic suppression and storm control are two security technologies used to limit rates of broadcast, unknown multicast, and unknown unicast packets to prevent storms caused by these packets.
Traffic suppression limits traffic rates using traffic rate thresholds, while storm control prevents traffic storms by shutting down interfaces.
You can run the following commands to configure traffic suppression:
[HUAWEI] interface gigabitethernet 1/0/0
[HUAWEI-GigabitEthernet1/0/0] broadcast-suppression cir 100 //Configure broadcast traffic suppression and set the CIR, that is the allowed rate at which broadcast traffic can pass through, to 100 kbit/s.
[HUAWEI-GigabitEthernet1/0/0] multicast-suppression 80 //Configure unknown multicast traffic suppression and limit the rate of unknown multicast packets to 80%.
[HUAWEI-GigabitEthernet1/0/0] unicast-suppression cir 100 //Configure unknown unicast traffic suppression and set the CIR, that is the allowed rate at which unknown unicast traffic can pass through, to 100 kbit/s.
[HUAWEI-GigabitEthernet1/0/0] quit
To block outgoing packets on an interface, run the following commands:
[HUAWEI] interface gigabitethernet 1/0/0
[HUAWEI-GigabitEthernet1/0/0] broadcast-suppression block outbound //Block outgoing broadcast packets on the interface.
[HUAWEI-GigabitEthernet1/0/0] multicast-suppression block outbound //Block outgoing unknown multicast packets on the interface.
[HUAWEI-GigabitEthernet1/0/0] unicast-suppression block outbound //Block outgoing unknown unicast packets on the interface.
[HUAWEI-GigabitEthernet1/0/0] quit
You can run the following commands to configure storm control:
[HUAWEI] interface gigabitethernet 1/0/0
[HUAWEI-GigabitEthernet1/0/0] storm-control broadcast min-rate 1000 max-rate 2000 //Configure storm control on broadcast packets.
[HUAWEI-GigabitEthernet1/0/0] storm-control multicast min-rate 1000 max-rate 2000 //Configure storm control on unknown multicast packets.
[HUAWEI-GigabitEthernet1/0/0] storm-control unicast min-rate 1000 max-rate 2000 //Configure storm control on unknown unicast packets.
[HUAWEI-GigabitEthernet1/0/0] storm-control action block //Set the storm control action to block.
[HUAWEI-GigabitEthernet1/0/0] storm-control enable log //Configure the device to record a log when detecting a storm.
[HUAWEI-GigabitEthernet1/0/0] storm-control interval 90 //Set the interval for detecting storms.
[HUAWEI-GigabitEthernet1/0/0] quit

Note: If the storm control action on an interface is block, the interface restores the normal forwarding state when the traffic falls below the lower threshold. If the storm control action is shutdown, the interface cannot restore automatically and you need to run the undo shutdown command to restore it manually.

Other related questions:
Differences between traffic suppression and storm control on S series switches
If you have more questions, you can seek help from following ways:
To iKnow To Live Chat To Google
Scroll to top