我们有一个未知设备导致网络上的广播风暴。我已经将风暴控制应用于该位置的单个接入端口,但广播风暴仍然存在。我想知道是否可以将 Storm Control 应用到中继接口以通过简单地过滤多余的广播来保护该交换机。所以我设置风暴控制如下
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level pps 1k 100
end
然后我清除了接口计数器并检查了接口统计信息
show interface g0/1
GigabitEthernet0/1 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 0019.e781.b981 (bia 0019.e781.b981)
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 2/255
Encapsulation ARPA, loopback not set
Keepalive not set
Full-duplex, 1000Mb/s, link type is auto, media type is 1000BaseSX SFP
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:03, output hang never
Last clearing of "show interface" counters 00:00:04
Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 8188000 bits/sec, 10874 packets/sec
5 minute output rate 5000 bits/sec, 3 packets/sec
43901 packets input, 4142320 bytes, 0 no buffer
Received 43855 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 43763 multicast, 0 pause input
0 input packets with dribble condition detected
33 packets output, 4676 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
所以它是 4 秒,我已经得到了 43855。这远高于我设置的 1,000 个数据包限制。但是,它似乎根本不关心过滤,只是继续转发/处理流量。
show storm-control g0/1
Interface Filter State Upper Lower Current
--------- ------------- ----------- ----------- ----------
Gi0/1 Forwarding 1k pps 100 pps 13 pps
show storm-control g0/1
Interface Filter State Upper Lower Current
--------- ------------- ----------- ----------- ----------
Gi0/1 Forwarding 1k pps 100 pps 29 pps
封装是否会阻止风暴控制工作?风暴控制在中继端口上根本不起作用吗?我担心风暴控制在任何交换机上都可能根本不起作用,尽管它已启用。