How to configure broadcast traffic suppression on an interface of a CE series switch

29

Excessive broadcast packets on inbound and outbound interfaces of a switch will cause broadcast storms. To limit the rate of broadcast packets on an interface, you can configure broadcast traffic suppression on the interface.
For example, you can configure broadcast traffic suppression on 10GE1/0/1 and set the maximum rate of broadcast packets on the interface to 100 kbit/s.
<HUAWEI> system-view
[~HUAWEI] interface 10ge 1/0/1
[~HUAWEI-10GE1/0/1] storm suppression broadcast cir 100
[*HUAWEI-10GE1/0/1] commit

Other related questions:
How to configure unknown unicast traffic suppression on an interface of a CE series switch
Excessive unknown unicast packets on inbound and outbound interfaces of a switch will cause broadcast storms. To limit the rate of unknown unicast packets on an interface, you can configure unknown unicast traffic suppression on the interface.
For example, you can configure unknown unicast traffic suppression on 10GE1/0/1 and set the maximum rate of unknown unicast packets on 10GE1/0/1 to 100 kbit/s.
<HUAWEI> system-view
[~HUAWEI] interface 10ge 1/0/1
[~HUAWEI-10GE1/0/1] storm suppression unknown-unicast cir 100
[*HUAWEI-10GE1/0/1] commit

Configuring traffic suppression and storm control on S series switches
For S series switches (except S1700 switches): Traffic suppression and storm control are two security technologies used to limit rates of broadcast, unknown multicast, and unknown unicast packets to prevent storms caused by these packets. Traffic suppression limits traffic rates using traffic rate thresholds, while storm control prevents traffic storms by shutting down interfaces. You can run the following commands to configure traffic suppression: [HUAWEI] interface gigabitethernet 1/0/0 [HUAWEI-GigabitEthernet1/0/0] broadcast-suppression cir 100 //Configure broadcast traffic suppression and set the CIR, that is the allowed rate at which broadcast traffic can pass through, to 100 kbit/s. [HUAWEI-GigabitEthernet1/0/0] multicast-suppression 80 //Configure unknown multicast traffic suppression and limit the rate of unknown multicast packets to 80%. [HUAWEI-GigabitEthernet1/0/0] unicast-suppression cir 100 //Configure unknown unicast traffic suppression and set the CIR, that is the allowed rate at which unknown unicast traffic can pass through, to 100 kbit/s. [HUAWEI-GigabitEthernet1/0/0] quit To block outgoing packets on an interface, run the following commands: [HUAWEI] interface gigabitethernet 1/0/0 [HUAWEI-GigabitEthernet1/0/0] broadcast-suppression block outbound //Block outgoing broadcast packets on the interface. [HUAWEI-GigabitEthernet1/0/0] multicast-suppression block outbound //Block outgoing unknown multicast packets on the interface. [HUAWEI-GigabitEthernet1/0/0] unicast-suppression block outbound //Block outgoing unknown unicast packets on the interface. [HUAWEI-GigabitEthernet1/0/0] quit You can run the following commands to configure storm control: [HUAWEI] interface gigabitethernet 1/0/0 [HUAWEI-GigabitEthernet1/0/0] storm-control broadcast min-rate 1000 max-rate 2000 //Configure storm control on broadcast packets. [HUAWEI-GigabitEthernet1/0/0] storm-control multicast min-rate 1000 max-rate 2000 //Configure storm control on unknown multicast packets. [HUAWEI-GigabitEthernet1/0/0] storm-control unicast min-rate 1000 max-rate 2000 //Configure storm control on unknown unicast packets. [HUAWEI-GigabitEthernet1/0/0] storm-control action block //Set the storm control action to block. [HUAWEI-GigabitEthernet1/0/0] storm-control enable log //Configure the device to record a log when detecting a storm. [HUAWEI-GigabitEthernet1/0/0] storm-control interval 90 //Set the interval for detecting storms. [HUAWEI-GigabitEthernet1/0/0] quit Note: If the storm control action on an interface is block, the interface restores the normal forwarding state when the traffic falls below the lower threshold. If the storm control action is shutdown, the interface cannot restore automatically and you need to run the undo shutdown command to restore it manually.

Can broadcast and multicast packets be simultaneously suppressed after traffic suppression is enabled on an interface of an S series switch
Traffic suppression can be configured for both broadcast and multicast packets on an interface of an S series switch. Traffic suppression on an interface is implemented for one type of packets as follows: After broadcast traffic suppression is enabled on an interface, only broadcast packets are suppressed. After unknown multicast traffic suppression is enabled on an interface, only unknown multicast packets are suppressed. After unknown unicast suppression is enabled on an interface, only unknown unicast packets are suppressed.

How to configure broadcast storm control on an interface of a CE series switch
Excessive broadcast packets on inbound and outbound interfaces of a switch will cause broadcast storms. To limit the rate of broadcast packets on an interface, you can configure broadcast storm control on the interface.
For example, you can configure broadcast storm control on 10GE1/0/1.
<HUAWEI> system-view
[~HUAWEI] interface 10ge 1/0/1
[~HUAWEI-10GE1/0/1] storm control broadcast min-rate 1000 max-rate 2000 //Set the lower threshold for storm control to 1000 pps and upper threshold to 2000 pps.
[*HUAWEI-10GE1/0/1] storm control action error-down //Configure the switch to shut down the interface when detecting a broadcast storm.
[*HUAWEI-10GE1/0/1] commit

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top