Enables storm control on the firewall policy
Storms are packet bombardments that exceed the high threshold value configured for an interface. During a storm, packets are throttled until the rate falls below the configured rate, severely impacting performance for the RF Domain manager interface.
Storm control limits multicast, unicast and broadcast frames accepted and forwarded by a device. Messages are logged based on their severity level.
storm-control [arp|broadcast|multicast|unicast]
storm-control [arp|broadcast|multicast|unicast] [level|log]
storm-control [arp|broadcast|multicast|unicast] level <1-1000000> [fe <1-4>|ge <1-8>|port-channel <1-8>|up1|wlan <WLAN-NAME>]
storm-control [arp|broadcast|multicast|unicast] log [<0-7>|alerts|critical| debugging|emergencies|errors|informational|none|notifications|warnings]
storm-control [arp|broadcast|multicast|unicast] level <1-1000000> [fe <1-4>|ge <1-8>|port-channel <1-8>|up1|wlan <WLAN-NAME>]
|
arp |
Configures storm control for ARP packets |
|
broadcast |
Configures storm control for broadcast packets |
|
multicast |
Configures storm control for multicast packets |
|
unicast |
Configures storm control for unicast packets |
|
level <1-1000000> |
Configures the allowed number of packets received per second before storm control begins
|
|
fe <1-4> |
Sets the FastEthernet port for storm control from 1 - 4 |
|
ge <1-8> |
Sets the GigabitEthernet port for storm control from 1 - 8 |
|
port-channel <1-8> |
Sets the port channel for storm control from 1- 8 |
|
up1 |
Sets the uplink interface |
|
wlan <WLAN-NAME> |
Configures the WLAN
|
storm-control [arp|bcast|multicast|unicast] log [<0-7>|alerts|critical|debugging| emergencies|errors|informational|none|notifications|warnings]
|
arp |
Configures storm control for ARP packets |
|
broadcast |
Configures storm control for broadcast packets |
|
multicast |
Configures storm control for multicast packets |
|
unicast |
Configures storm control for unicast packets |
|
log |
Configures the storm control log level for storm control events |
|
<0-7> |
Sets the numeric logging level from 0 - 7 |
|
alerts |
Numerical severity 1. Indicates a condition where immediate action is required |
|
critical |
Numerical severity 2. Indicates a critical condition |
|
debugging |
Numerical severity 7. Debugging messages |
|
emergencies |
Numerical severity 0. System is unusable |
|
errors |
Numerical severity 3. Indicates an error condition |
|
informational |
Numerical severity 6. Indicates a informational condition |
|
none |
Disables storm control logging |
|
notification |
Numerical severity 5. Indicates a normal but significant condition |
|
warnings |
Numerical severity 4. Indicates a warning condition |
nx9500-6C8809(config-fw-policy-testFW)#storm-control arp log warnings
nx9500-6C8809(config-fw-policy-testFW)#storm-control broadcast level 2
nx9500-6C8809(config-fw-policy-testFW)#show context firewall-policy testFW ip dos fraggle drop-only ip dos tcp-sequence-past-window drop-only ip dos tcp-max-incomplete high 600 ip dos tcp-max-incomplete low 60 storm-control broadcast level 20000 ge 4 storm-control arp log warnings ip-mac conflict drop-only ip-mac routing conflict log-and-drop log-level notifications flow timeout icmp 16000 flow timeout udp 10000 flow timeout tcp established 1500 flow timeout other 16000 dhcp-offer-convert ipv6 routing-type two log-and-drop log-level warnings ipv6 dos hop-limit-zero drop-only alg facetime logging icmp-packet-drop rate-limited logging malformed-packet-drop all logging verbose dns-snoop entry-timeout 1200 ipv6-mac routing conflict drop-only nx9500-6C8809(config-fw-policy-testFW)#
| no |
Disables storm control limits on multicast, unicast, and broadcast frames accepted and forwarded by a device |