North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: L2 Broadcast/multicast limits on ethernet ports

  • From: Arien Vijn
  • Date: Mon Sep 20 17:04:01 2004


On Sep 20, 2004, at 9:32 PM, KASHIF SALAMM wrote:

Thanx Arien
 
Yes that's the command we will be doing.
 
The basic purpose is to stop the cpu's  to shoot up to 70 + % utilistaion and to crash/reboot as we experienced the same.
 
What numbers you are using for 10/100/1000 ports.

We use it global for all ports.

#sh run | i limit
broadcast limit 500
multicast limit 10000
unknown-unicast limit 1000

The numbers are based on tests we did on the IronCore hardware. We too wanted to limit CPU utilisation. Connected switches remained usable while the address learning rate was not affected.

But again it are egress limits. Multicast, broadcast and unknown unicast frames hit the CPU before they are dropped or forwarded.

Kind regards, Arien