GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: 3750 broadcast traffic sent to svi blues posted 06/06/2008
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Joe-

If you do try looping the switch, make sure you run bpdu guard just to be on
the safe side :)

-Tom
CCIE#18762

http://www.linkedin.com/in/thomasfowles


On Fri, Jun 6, 2008 at 3:53 AM, Thomas Fowles <tfowles@xxxxxxxxx> wrote:

> Joe-
>
> Here's a bit of an off-the-wall idea.  I don't have a switch at home to
> test with, but:
>
> What if you scrap the SVI and instead, create an access port and a routed
> port (with the current SVI's IP) on the switch and loop it into itself.
> Then try using storm control.
>
> -Tom
> CCIE#18762
>
> http://www.linkedin.com/in/thomasfowles
>
>
>
> On Fri, Jun 6, 2008 at 2:25 AM, Joseph Brunner <joe@xxxxxxxxxxxxxxxxxxx>
> wrote:
>
>> I know it love it and use it, but alas, only on physical interfaces...
>>
>> the ports in the vlan should get full speed broadcast - the faster the
>> better, it's a commodities pricing network!
>>
>> but the svi should get almost no ip broadcast traffic either for all ones
>> or the directed broadcast... I may just have to filter it using an acl, if
>> there is no qos solution to protect the control plane...
>>
>> I wonder if filtering it with an acl would be lower cpu than just letting
>> it
>> come in and kill the box...
>>
>> -Joe
>>
>> -----Original Message-----
>> From: Ed Lui [mailto:edwlui@xxxxxxxxx]
>> Sent: Friday, June 06, 2008 2:08 AM
>> To: Joseph Brunner
>> Cc: ccielab@xxxxxxxxxxxxxx
>> Subject: Re: 3750 broadcast traffic sent to svi blues
>>
>> Would storm control be a possible solution ?
>>
>> On Thu, Jun 5, 2008 at 10:22 PM, Joseph Brunner <joe@xxxxxxxxxxxxxxxxxxx>
>> wrote:
>> > Good evening,
>> >
>> >
>> >
>> > I am working on an issue where a high amount of broadcast data (15Mbps~)
>> on
>> > a vlan on a single 3750 with an SVI is causing the switch's cpu to run
>> at
>> > near 100% all day.
>> >
>> >
>> >
>> > The users on this segment need to be routed to the internet etc, but the
>> > broadcast does not need to be.
>> >
>> >
>> >
>> > I tried to configure Control Plane Policing on the 3750, it has the
>> > "control-plane" command to get into the control plane, but when I go to
>> > attach a "service-policy input control-plane-policy"
>> >
>> > it fails. the policy-map has a "police 128000 8000 exceed-action drop"
>> etc
>> > under the class broadcast. this class-map is matching an acl permit udp
>> any
>> > host 255.255.255.255, etc.
>> >
>> >
>> >
>> > I also thought of using the rate-limit command on the svi, which has
>> helped
>> > us with 3640 routers in the past, etc.
>> >
>> >
>> >
>> > Does anyone else have any other ideas? the broadcast HAS to work as fast
>> as
>> > possible between the physical ports in that vlan, but it should hit the
>> svi
>> > at minimal levels for testing, etc.
>> >
>> >
>> >
>> > thanks,
>> >
>> >
>> >
>> > Joe
>> >
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> >
>> >
>> >
>>
>>
>>
>> --
>> Edward Lui
>> CCIE No. 20873
>> CCNP, MCSE
>> 626.380.0813
>>
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html