If a destination MAC address is not in the MAC address table of the switch, the frame is flooded out all ports for that respective VLAN. Although some flooding is unavoidable and expected, excessive flooding might be caused by asymmetric routing, STP topology changes, or forwarding table overflow. Also, flooding can result from attacks on the network, especially in the case of denial-of-service (DoS) attacks.
Switches can now implement a unicast flood-prevention feature. This is implemented through the following global configuration command:
mac-address-table unicast-flood {limit kfps} {vlan vlan} {filter timeout alert shutdown}
An alternative configuration approach found on some Catalyst model devices (such as the 6500 series) is to use what is known as Unknown Unicast Flood Blocking (UUFB). This is configured with the following simple interface command:
switchport block unicast
skip to main |
skip to sidebar
Visitor Number
Blog Archive
-
▼
2009
(47)
-
▼
October
(27)
- MPLS Label - Header
- KnowledgeNet MPLS Lab in GNS3
- CCIE R&S Certification v4.0
- GNS3 High Processor Usage
- Advantages of MPLS
- MPLS - Multi Protocol Label Switching
- Logging and and using syslog
- Domain Name System
- Web Cache Communication Protocol
- DHCP with Cisco Devices
- Network Time Protocol
- Network Address Translation
- Ethernet
- EtherChannel
- VTP pruning
- VLAN trunking
- Unicast flooding
- Storm Control
- BPDU Guard
- Root Guard
- Unidirectional Link Detection
- Loop Guard
- 802.1s Multiple Spanning Tree
- 802.1w Rapid Spanning Tree Protocol
- Cisco-proprietary enhancements to 802.1D
- Topology changes Notification (TCN)
- Spanning Tree Protocol
-
▼
October
(27)
No comments:
Post a Comment