RE: 3750 broadcast traffic sent to svi blues

From: Joseph Brunner (joe@affirmedsystems.com)
Date: Fri Jun 06 2008 - 03:25:35 ART

• Next message: ccie: "Does this command stop the flooding of the Auto RP dense groups"
• Previous message: Ed Lui: "Re: 3750 broadcast traffic sent to svi blues"
• Maybe in reply to: Joseph Brunner: "3750 broadcast traffic sent to svi blues"
• Next in thread: Sadiq Yakasai: "Re: 3750 broadcast traffic sent to svi blues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I know it love it and use it, but alas, only on physical interfaces...

the ports in the vlan should get full speed broadcast - the faster the
better, it's a commodities pricing network!

but the svi should get almost no ip broadcast traffic either for all ones
or the directed broadcast... I may just have to filter it using an acl, if
there is no qos solution to protect the control plane...

I wonder if filtering it with an acl would be lower cpu than just letting it
come in and kill the box...

-Joe

-----Original Message-----
From: Ed Lui [mailto:edwlui@gmail.com]
Sent: Friday, June 06, 2008 2:08 AM
To: Joseph Brunner
Cc: ccielab@groupstudy.com
Subject: Re: 3750 broadcast traffic sent to svi blues

Would storm control be a possible solution ?

On Thu, Jun 5, 2008 at 10:22 PM, Joseph Brunner <joe@affirmedsystems.com>
wrote:
> Good evening,
>
>
>
> I am working on an issue where a high amount of broadcast data (15Mbps~)
on
> a vlan on a single 3750 with an SVI is causing the switch's cpu to run at
> near 100% all day.
>
>
>
> The users on this segment need to be routed to the internet etc, but the
> broadcast does not need to be.
>
>
>
> I tried to configure Control Plane Policing on the 3750, it has the
> "control-plane" command to get into the control plane, but when I go to
> attach a "service-policy input control-plane-policy"
>
> it fails. the policy-map has a "police 128000 8000 exceed-action drop" etc
> under the class broadcast. this class-map is matching an acl permit udp
any
> host 255.255.255.255, etc.
>
>
>
> I also thought of using the rate-limit command on the svi, which has
helped
> us with 3640 routers in the past, etc.
>
>
>
> Does anyone else have any other ideas? the broadcast HAS to work as fast
as
> possible between the physical ports in that vlan, but it should hit the
svi
> at minimal levels for testing, etc.
>
>
>
> thanks,
>
>
>
> Joe
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>

-- 
Edward Lui
CCIE No. 20873
CCNP, MCSE
626.380.0813

• Next message: ccie: "Does this command stop the flooding of the Auto RP dense groups"
• Previous message: Ed Lui: "Re: 3750 broadcast traffic sent to svi blues"
• Maybe in reply to: Joseph Brunner: "3750 broadcast traffic sent to svi blues"
• Next in thread: Sadiq Yakasai: "Re: 3750 broadcast traffic sent to svi blues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:21 ART