What is Storm Control?

Storm control is a feature for monitoring traffic levels and dropping broadcast, multicast, and unknown unicast packets, which is commonly known as BUM Traffic, and when a specified traffic level, referred to as the storm control level or storm control bandwidth is exceeded, limiting the traffic to protect the Local Area Network environment. In this blog post, we will try to understand the basics of it.

Storm Control Broadcast Level

Although the Storm Control feature is mainly used for Broadcast, we should configure it to protect from unnecessarily used Multicast and Unknown Unicast packets. There can be bugs in the software or hardware or due to the mis-cabling or configuration, if any of the above traffic exceeds the limit that we specify, traffic should be blocked.

We need to understand some terminologies if we want to understand Storm control and its usage on Network Switch. In the above configuration, we will show not only for Broadcast but also for Multicast and Unknown Unicast threshold levels on the Cisco switches.

Cisco Storm Control

Let's have a look at how Storm Control is used in Cisco switch and let's learn some new terminologies.

interface GigabitEthernet0/0
 storm-control broadcast level bps 100k 90k
 storm-control multicast level pps 50 30
 storm-control unicast level 1.00 0.50

On the above configuration, the below parameters are used. Let's briefly define each one of them.

• broadcast—Configure broadcast storm control.
• multicast—Configure multicast storm control.
• unicast—Configure unknown unicast storm control.
• level—Specifies the threshold levels for broadcast, multicast, or unicast traffic.
• rising_threshold—Upper threshold level.
• falling_threshold—Lower threshold level.
• bps—Specifies the suppression level in bits per second.
• PPS—Specifies the suppression level in packets per second

--The rising threshold is the traffic limit after which, that particular traffic is blocked. --The falling threshold is the traffic limit below which, that particular starts forwarding again if it was already blocked For the broadcast traffic then, on the above config, we specify 100k as Rising_threshold, 50k as falling_threshold value.

Meaning at 100kbit/s traffic will be blocked when the traffic level falls under 90kbit/s again. traffic will be forwarded. This feature is and should be used in real-life in the campus networks/local area networks, where you have a Layer 2 domain. When the Layer 2 domain gets larger, the importance of the Storm Control feature increases as well. You can find more information on Layer 2 network design, in our Layer2 Network Design Course.