TOPIC: Doubt regarding Switching Principle

Re: Doubt regarding Switching Principle 9 years 4 weeks ago #31103

You're right about the problem, but that's the way a switch works. In normal networks the percentage of flooded frames to normal frames is low, so it isn't a problem. And I have to wonder, given, say, a 24-port switch with a backplane capable of several gigabits of throughput, how much impact one device on one port would have. It certainly could generate a fair amount of traffic, but I don't think it would bring the switch to its knees. The more likely outcome would be that a few users might complain of slow response, you'd monitor the switch and see the problem, then you'd go visit the user with an offer of alternative employment.

Re: Doubt regarding Switching Principle 9 years 4 weeks ago #31109

There are some features to limit the impact, like broadcast and multicast storm control. Look at the offender's source MAC and, to solve the issue, shut down his/her switchport.

Re: Doubt regarding Switching Principle 9 years 3 weeks ago #31121

> There are some features to limit the impact, like broadcast and multicast storm control. Look at the offender's source MAC and, to solve the issue, shut down his/her switchport.

Could you please discuss those configurations?

Re: Doubt regarding Switching Principle 9 years 3 weeks ago #31124

On a 3350:
Switch_3(config)#int fa 0/22

Switch_3(config-if)#storm-control ?
broadcast Broadcast address storm control
multicast Multicast address storm control
unicast Unicast address storm control

Switch_3(config-if)#storm-control broadcast level ?
<0 - 100> Enter Integer part of storm suppression level

Switch_3(config-if)#storm-control broadcast level 50

Switch_3#sh storm-control fa0/22
Interface  Filter State  Level    Current
Fa0/22     Forwarding    50.00%   0.00%
Switch_3#

Re: Doubt regarding Switching Principle 9 years 3 weeks ago #31134

These will help, but do remember that a broadcast and a flooded frame are not necessarily the same thing - you'll need to read the switch documentation carefully to find out what types of frames each of these commands actually works with.

Re: Doubt regarding Switching Principle 9 years 3 weeks ago #31141

S0lo (Moderator)

On some higher models of Cisco switches, you can detect such excessive flooding using the mac-address-table unicast-flood command, and then take a specified action if flooding exceeds a specified amount. I've never tried it myself, so this might help:

www.cisco.com/en/US/products/hw/switches...01d0808.shtml#detect

www.cisco.com/en/US/docs/switches/lan/ca...ecure.html#wp1078807

On the other hand, Port Security is a partial but not definite solution to this problem. You could configure the switch (if it supports port security) to allow only trusted source MAC addresses to use a switch port. An outsider/hacker will have to be smart enough to CHANGE his MAC address to match the one you configured on the port he is connected to, just to be able to send any traffic at all using the switch. It's not impossible to hack into this, but it certainly is less possible. Surely, if naughtiness comes from within your own users/organization, then this is no use :lol:
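
The port security and storm control settings discussed in this thread, combined on one access port. This is an added example, not configuration posted by any participant. The interface Fa0/22 is taken from the earlier post; the 50% levels, the MAC limit of 1 and the choice of actions are assumed values, and command availability depends on the switch model and IOS version.

```cisco
! Added example: hardening one access port (Fa0/22, as used earlier in the thread).
! Thresholds and the MAC limit below are assumed values; tune them for your network.
interface FastEthernet0/22
 ! Port security can only be enabled on a static access (or trunk) port
 switchport mode access
 ! Enable port security and allow a single source MAC on this port
 switchport port-security
 switchport port-security maximum 1
 ! Learn the first MAC seen and keep it in the running configuration
 switchport port-security mac-address sticky
 ! restrict: drop frames from any other source MAC, count and log the violation
 ! (the default, shutdown, err-disables the port instead)
 switchport port-security violation restrict
 ! Storm control: suppress traffic above the level (percent of port bandwidth)
 storm-control broadcast level 50
 storm-control multicast level 50
 ! Send an SNMP trap when a threshold is crossed (alternative: action shutdown)
 storm-control action trap
!
! Verification, from privileged EXEC mode:
!   show port-security interface FastEthernet0/22
!   show storm-control FastEthernet0/22
```

With `maximum 1`, the port can also contribute only one source MAC to the address table, however many source addresses the attached device sends from.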