Recommendations for Storm Control Settings

I recently finished resolving a broadcast storm in one of our remote sites with 3 Dell PowerConnect 35xx switches wired in series. I've turned on storm control to limit broadcast traffic to 3% on the trunk ports, but I'm wondering how best to tune this since the 35xx series switches don't have much processor capacity and can't provide real-time port statistics.

Here are the major details:
I can't change the physical plant.
There may or may not be daisy-chains of unmanaged switches on some ports.
Each switch is trunked to the next in series over the Gigabit ports.
There are no redundant links.
The site fileserver and router are on an edge switch which is set as the spanning-tree root.
The ratio of WAN/LAN traffic is roughly 80/20. Most of this is Citrix sessions with a small amount of SMB for printing and a local database app.
MSTP Spanning tree is enabled on all managed switches.

Here are my goals:
Keep switch CPU load below 25%
Stop broadcast storms as close to the source as possible.
Minimize the impact of any tuning on normal traffic.
Justin Ellenbecker, IT Director

Commented:
The easiest way to prevent a broadcast storm is to make sure that the switches are not being looped back without Spanning-Tree.  Check the daisy chains and make sure that there are only single connections from the unmanaged switches.

http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a00800a7af3.shtml#redundancystorms

That is a Cisco document that shows and talks a little more about this in general, and it will apply to any network in theory.  It's a base overview and not 100% Cisco dedicated.

Author

Commented:
The problem is that the end users have a bad habit of wanting to shove any non-connected cable into the first port that fits.

My best guess is that the loopback happened far enough past one of the managed switches that the STP BPDUs that would have identified the loop were either discarded or delayed long enough that the managed switch couldn't detect the looped port.

Justin Ellenbecker, IT Director

Commented:
Sounds about right that most of the storming was on the unmanaged side of it.  Unfortunately there really is nothing you can do to control a storm happening there besides removing it.

Author

Commented:
I can accept a single port on the managed going down due to the storm, but since the PowerConnect 35xx series has a storm control function, they should be able to prevent the storm from downing the entire LAN.

The storm control command requires a traffic threshold amount per port. I'm hoping someone has a formula or rule of thumb for determining the threshold.

Just to head off an inevitable comment, yes I know the amount of legitimate broadcast traffic varies depending on the protocols in use.

Senior Systems Engineer
Top Expert 2013
Commented:
On the managed switches you can enable BPDU guard on the ports that are not to receive BPDUs (for example, access ports).  The unmanaged switches are another story. If you are having problems with broadcast storms I would suggest removing these and replacing them with managed switches.

Author

Commented:
I hadn't considered BPDU guard, but that should do a better job of shutting down a looped port.

As far as replacing the unmanaged switches goes, I'd have to solve Finagle's Law and Hanlon's Razor first. ;)

Marius Gunnerud, Senior Systems Engineer
Top Expert 2013

Commented:
Hehehe.  Good luck