Filter
Top Products
22-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 22 Configuring Port-Based Traffic Control
Configuring Protected Ports
Disabling Storm Control
Beginning in privileged EXEC mode, follow these steps to disable storm control:
Configuring Protected Ports
Some applications require that no traffic be forwarded between ports on the same switch so that one
neighbor does not see the traffic generated by another neighbor. In such an environment, the use of
protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these
ports on the switch.
Protected ports have these features:
• A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that
is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only
control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU
and forwarded in software. All data traffic passing between protected ports must be forwarded
through a Layer 3 device.
• Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
• Protected ports are supported on 802.1Q trunks.
The default is to have no protected ports defined.
You can configure protected ports on a physical interface or an EtherChannel group. When you enable
protected ports for a port channel, it is enabled for all ports in the port-channel group.
Both LRE interface ports and CPE device ports can be configured as protected ports. When you use a
Cisco 575 LRE CPE or a Cisco 576 LRE 997 CPE device, the cpe protected interface configuration
command is not available.
When you use a Cisco 585 LRE CPE device (which has multiple Ethernet interfaces), the switchport
protected command allows devices on different ports of the same CPE device to exchange data locally.
In some cases, you might want to protect individual CPE device ports. You can do this with the cpe
protected interface configuration command. Devices connected to different ports on the same CPE
device cannot exchange data directly but must forward it through a Layer 3 device.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Specify the port to configure, and enter interface configuration mode.
Step 3
no storm-control {broadcast |
multicast | unicast} level
Disable port storm control.
Step 4
no storm-control action {shutdown |
trap}
Disable the specified storm control action.
Step 5
end Return to privileged EXEC mode.
Step 6
show storm-control {broadcast |
multicast | unicast}
Verify your entries.
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.