Broadcast Suppression: Advanced Traffic Management
Some members of the Catalyst family support a feature intended to minimize the transfer of broadcast and multicast frames sourced from a port. The broadcast/multicast suppression feature measures the broadcast and multicast traffic coming from a device and restricts the flow of the frames across the Catalyst switch fabric if the amount of the traffic exceeds a configurable threshold.
Depending upon your version of Catalyst, you have two methods to measure the broadcast and multicast frames. One method measures the amount of port bandwidth consumed by multicasts and broadcasts (hardware-based broadcast suppression). The other method measures the number of broadcast and multicast frames (software-based broadcast suppression). Both metrics integrate over a 1-second interval. The effect of the two varies, though.
Hardware-Based Broadcast Suppression
Hardware-based broadcast suppression measures the percentage of port bandwidth consumed by incoming broadcast/multicast frames every second. If the load crosses a threshold that you configure, the Catalyst drops the balance of the broadcast frames for the remainder of the 1-second interval, but passes normal unicast frames.
Figure 13-15 shows the results of hardware suppression over several 1-second intervals. In the first interval, both the broadcast and unicast traffic stay under the configured threshold. The Catalyst passes all of the frames. In the second case, the broadcast frames stay under the threshold, but the unicast frames exceed it. Again, the Catalyst passes all frames because it only measures the broadcast and multicast frames and ignores the unicast level.
In the third interval, the unicast does not exceed threshold, but the broadcast frames do. When the broadcast level exceeds the threshold, the Catalyst drops all of the broadcast frames for the remainder of the 1-second interval, but continues to pass the unicast frames. In the fourth interval, both cross the threshold, but the Catalyst drops only the broadcast frames, even though the broadcast level drops back below the threshold during the interval. After the Catalyst measures a broadcast excess, it drops all of the broadcast frames for the rest of the interval.
Figure 13-15. Hardware-Based Broadcast Suppression
To configure hardware-based suppression, use the command set port broadcast mod_num/port_num threshold%. Note the percent sign at the end of the command. You must include this for the Catalyst to distinguish the value as a bandwidth threshold rather than a packet count threshold.
Software-Based Broadcast Suppression
Software-based broadcast suppression differs from the hardware-based broadcast suppression in its metric and its effect. Software-based broadcast suppression measures the actual number of incoming broadcast/multicast frames on an interface over a 1-second interval. If the absolute value of frames exceeds the threshold, the Catalyst drops all frames for the balance of the 1-second interval.
In Figure 13-16, a Catalyst reacts to frames during three time intervals. In the first interval, both the unicast and broadcast frames remain below the configured threshold. Therefore, the Catalyst forwards all frames. In the second interval, unicast frames exceed the threshold, whereas the broadcast level remains below the threshold. The Catalyst forwards all frames. In the third interval, the broadcast level exceeds the threshold. At the point in the interval when this occurrs, the Catalyst drops all frames (both broadcast and unicast) for the rest of the time interval.
Figure 13-16. Software-Based Broadcast Suppression
To enable software-based broadcast suppression on your Catalyst, use the set port broadcast mod_num/port_num threshold command. Note the absence of the percent sign. This instructs the Catalyst to use software-based broadcast suppression.
Determining Whether to Use Hardware- or Software-Based Broadcast Suppression
There is a significant difference in the behavior between hardware- and software-based broadcast suppression. Not all Catalyst models support hardware-based broadcast suppression. In fact, some models support no broadcast suppression, yet others support hardware- but not software-based broadcast suppression. Therefore, you might not have a choice as to which to use. Use the show port capabilities command to determine what your Catalyst can do.
When you do have a choice, generally the bandwidth-based (hardware-based) approach excels. Bandwidth measurements tend to be more accurate than packet count methods because of the variation in frame sizes that might be on your network. You might have few broadcast frames per second on an interface, but they might be very large, consuming much of your port bandwidth. Hardware-based broadcast suppression catches this situation and reacts. Software-based broadcast suppression might never trigger if the frames per second stays below your threshold. On the other hand, this might be normal and desirable behavior for your applications. In which case, you might want to use software rather than hardware triggers.