Correct. unicast = 0, multicast AND broadcast = 1.
*Scott Morris*, CCIE/x4/ (R&S/ISP-Dial/Security/Service Provider) #4713,
JNCIE-M #153, JNCIS-ER, CISSP, et al.
JNCI-M, JNCI-ER
evil_at_ine.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Outside US: 775-826-4344
Knowledge is power.
Power corrupts.
Study hard and be Eeeeviiiil......
Anantha Subramanian Natarajan wrote:
> Hi Scott,
>
> Thank you very much for the descriptive explanation/history.This is
> actually a recap for me after I have heard your audio series soo many times
> but somehow I understood that even unicast(In that case,As I understood,I
> would assume the I/ G bit would be 0 right,where for multicast/broadcast
> would be 1) is dropped after the multicast threshold is reached in
> 3550.Kindly correct me if I am wrong in that.If thats true, is it true even
> in 3560 switches.
>
> Thank you Scott
>
> Regards
> Anantha Subramanian Natarajan
>
>
>
> On Mon, Sep 14, 2009 at 8:56 AM, Scott Morris <smorris_at_ine.com> wrote:
>
>
>> Other way around. Broadcasts are a SUBSET of multicasts.
>>
>> At layer2, a multicast is defined by the I/G bit. The least significant
>> bit of the most significant byte of a MAC.
>>
>> For example, all IP multicast at layer2 begins with 01-00-5E-xx-xx-xx.
>> 01 is the most significant byte (left-most). In binary it's 0000 0001.
>> The 1 is the least-significant bit (right-most) of this byte. That's
>> the I/G bit. A 1 value indicates a GROUP address while a 0 value
>> indicates an INDIVIDUAL address (the I and the G).
>>
>> A broadcast at layer2 is FF-FF-FF-FF-FF-FF. Or in binary, 1111 1111 in
>> the most significant byte. Being all-ones, it's a very specific notation.
>>
>> Not all multicasts can be called broadcasts. But all broadcasts can
>> also be called multicasts (group addresses).
>>
>> So if you have a storm control threshold of 10% for multicast, but 20%
>> for broadcast... Once you hit your 10% mutlicast mark, your broadcasts
>> will get throttled as well since they are part of that same group.
>>
>> It's all about perspective (and a little history). ;)
>>
>> HTH,
>>
>>
>>
>>
>> *Scott Morris*, CCIE/x4/ (R&S/ISP-Dial/Security/Service Provider) #4713,
>>
>> JNCIE-M #153, JNCIS-ER, CISSP, et al.
>>
>> JNCI-M, JNCI-ER
>>
>> evil_at_ine.com
>>
>>
>> Internetwork Expert, Inc.
>>
>> http://www.InternetworkExpert.com <http://www.internetworkexpert.com/>
>>
>> Toll Free: 877-224-8987
>>
>> Outside US: 775-826-4344
>>
>>
>> Knowledge is power.
>>
>> Power corrupts.
>>
>> Study hard and be Eeeeviiiil......
>>
>>
>>
>>
>>
>> Anantha Subramanian Natarajan wrote:
>>
>>> Hi Darby,
>>>
>>> Thank you very much for the descriptive explanation on the topic.Not
>>>
>> sure
>>
>>> I understood the below caveat
>>>
>>> "If you enable broadcast and multicast traffic storm control, and
>>>
>> broadcast
>>
>>> traffic exceeds the level within a 1-second traffic storm control
>>>
>> interval,
>>
>>> traffic storm control drops all broadcast and multicast traffic until the
>>> end of the traffic storm control interval. "
>>>
>>> Is that mean that,if the broadcast traffic exceeds the threshold level,it
>>> will also drop multicast traffic,when the multicast didn't eceed the
>>> threshold defined on the later 2 interface ??/..Is it true for both 3550
>>>
>> and
>>
>>> 3560 switches ?
>>>
>>> Thank you
>>>
>>> Regards
>>> Anantha Subramanian Natarajan
>>>
>>>
>>>
>>>
>>> On Mon, Sep 14, 2009 at 5:05 AM, Darby Weaver <darby.weaver_at_gmail.com
>>> wrote:
>>>
>>>
>>>
>>>> Some caveats you may to take note of on Storm-Control:
>>>>
>>>> All Layer 2 Broadcasts are Multicasts.
>>>>
>>>> All Layer 2 Multicasts are *not* Broadcasts.
>>>>
>>>> Traffic storm control monitors the level of each traffic type for which
>>>>
>> you
>>
>>>> enable traffic storm control in 1-second traffic storm control
>>>>
>> intervals.
>>
>>>> Within an interval, when the ingress traffic for which traffic storm
>>>>
>>>>
>>> control
>>>
>>>
>>>> is enabled reaches the traffic storm control level that is configured on
>>>>
>>>>
>>> the
>>>
>>>
>>>> port, traffic storm control drops the traffic until the traffic storm
>>>> control interval ends.
>>>>
>>>> The following are examples of traffic storm control behavior:
>>>>
>>>> If you enable broadcast traffic storm control, and broadcast traffic
>>>> exceeds the level within a 1-second traffic storm control interval,
>>>>
>> traffic
>>
>>>> storm control drops all broadcast traffic until the end of the traffic
>>>>
>>>>
>>> storm
>>>
>>>
>>>> control interval.
>>>>
>>>> If you enable broadcast and multicast traffic storm control, and the
>>>> combined broadcast and multicast traffic exceeds the level within a
>>>>
>>>>
>>> 1-second
>>>
>>>
>>>> traffic storm control interval, traffic storm control drops all
>>>>
>> broadcast
>>
>>>> and multicast traffic until the end of the traffic storm control
>>>>
>> interval.
>>
>>>> If you enable broadcast and multicast traffic storm control, and
>>>> broadcast traffic exceeds the level within a 1-second traffic storm
>>>>
>> control
>>
>>>> interval, traffic storm control drops all broadcast and multicast
>>>>
>> traffic
>>
>>>> until the end of the traffic storm control interval.
>>>>
>>>> If you enable broadcast and multicast traffic storm control, and
>>>> multicast traffic exceeds the level within a 1-second traffic storm
>>>>
>> control
>>
>>>> interval, traffic storm control drops all broadcast and multicast
>>>>
>> traffic
>>
>>>> until the end of the traffic storm control interval.
>>>>
>>>> 1) One very important remark everybody seems to miss, is that
>>>>
>> storm-control
>>
>>>> only works on INBOUND packets. It does not prevent a port from being
>>>> overwhelmed with broadcasts from the core or other access switches.
>>>>
>>>> 2) Watch out with stormcontrol on trunk ports! Includes any allowed or
>>>> non-allowed Vlan
>>>>
>>>> 3) The storm-control "drop filter" action will block on all VLANS.
>>>>
>>>> Finally:
>>>>
>>>> Storm control is supported only on physical interfaces; it is not
>>>>
>> supported
>>
>>>> on EtherChannel port-channels or physical interfaces that are members of
>>>> port channels even though the command is available in the CLI. If a
>>>>
>>>>
>>> physical
>>>
>>>
>>>> interface with storm control configured joins an EtherChannel, the storm
>>>> control configuration for the physical interface is removed from the
>>>>
>>>>
>>> running
>>>
>>>
>>>> configuration.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Sun, Sep 13, 2009 at 8:01 PM, Anantha Subramanian Natarajan <
>>>> anantha.natarajan_at_gravitant.com> wrote:
>>>>
>>>>
>>>>
>>>>> Hi All,
>>>>>
>>>>> My understanding on ,Multicast storm control on 3550 switch is as
>>>>>
>> below
>>
>>>>> "When the rate of multicast frames increased more than the specified
>>>>> rate
>>>>> on the Multicast storm-control configuration,it will block all
>>>>>
>> multicast
>>
>>>>> frames exceeded and also even all unicast/broadcast traffic is dropped
>>>>> until
>>>>> the multicast rate on the port is decreased than the threshold
>>>>> defined.Exceptions would be BPDU's and CDP frames".
>>>>>
>>>>> Is my above understanding right ?.If so ,my questions is
>>>>>
>>>>> Does the above statement is also true for 3560 switches.For some
>>>>>
>> reason.I
>>
>>>>> couldn't find a reference on the 3560 config guide,unless I missed it.
>>>>>
>>>>> Thank you for the assistance.
>>>>>
>>>>> Regards
>>>>> Anantha Subramanian Natarajan
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> _______________________________________________________________________
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>> --
>>>> Darby Weaver
>>>> Network Engineer
>>>>
>>>> 407-802-7394
>>>> darbyweaver_at_yahoo.com
>>>>
>>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Mon Sep 14 2009 - 12:47:01 ART
This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:03 ART