Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Sterling Jacobson
in the DHCP server and lock the switches down with snooping and broadcast controls. Works well, just need to optimize the settings. From: Af <af-boun...@afmug.com> On Behalf Of Carl Peterson Sent: Tuesday, April 17, 2018 3:24 PM To: af@afmug.com Subject: Re: [AFMUG] Switch Storm Control

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Adam Moffett
Interesting thought. -- Original Message -- From: "Carl Peterson" <cpeter...@portnetworks.com> To: af@afmug.com Sent: 4/17/2018 5:23:39 PM Subject: Re: [AFMUG] Switch Storm Control If you are doing fiber with active ethernet, why not just run QinQ with a CVL

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Carl Peterson
..@afmug.com> *On Behalf Of *Adam > Moffett > *Sent:* Tuesday, April 17, 2018 6:29 AM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] Switch Storm Control > > > > Exactly what I was thinking. > > > > Is it a global setting for the switch or an ingress limit per p

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Dave
*Sent:* Tuesday, April 17, 2018 6:29 AM *To:* af@afmug.com *Subject:* Re: [AFMUG] Switch Storm Control Exactly what I was thinking. Is it a global setting for the switch or an ingress limit per port?  If you can limit it per port then something like 5pps should be plenty.  They only need

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Sterling Jacobson
necessarily block other types of bad traffic like that. One thing I have to be careful of is to not broadly limit the uplink ports as well. From: Af <af-boun...@afmug.com> On Behalf Of Adam Moffett Sent: Tuesday, April 17, 2018 6:29 AM To: af@afmug.com Subject: Re: [AFMUG] Switch Storm Control E

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Dave
We route and segment to remove this from being an issue on the infrastructure but as with any network a customer will always figure out a way to break stuff hence the isolation that we use on the AP. If its not a routed packed then it doesnt get thru. On 04/16/2018 04:49 PM, Sterling

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Adam Moffett
-- From: "Forrest Christian (List Account)" <li...@packetflux.com> To: "af" <af@afmug.com> Sent: 4/17/2018 3:01:18 AM Subject: Re: [AFMUG] Switch Storm Control I don't have a good answer for you but I really wish more devices would permit filtering such tha

Re: [AFMUG] Switch Storm Control

2018-04-17 Thread Forrest Christian (List Account)
I don't have a good answer for you but I really wish more devices would permit filtering such that the only broadcasts/multicasts permitted on customer facing segments were ARP and possibly DCHP if that's applicable to you. If you can exempt arp and dhcp from this, then the correct value

[AFMUG] Switch Storm Control

2018-04-16 Thread Sterling Jacobson
What are you guys using as a 'standard' for packets per second storm control on your switches/devices? I can limit broadcast, multicast and unknown unicast type packets Is 100pps too low? Would this be based on say a /24 network arping and DHCP request type traffic?