Switching

Expand all | Collapse all

Storm-Control: Logging Instances of bandwidth limit being hit

  • 1.  Storm-Control: Logging Instances of bandwidth limit being hit

    Posted 11-19-2011 07:41

        My understanding with storm-control is that a log message/trap should be created when the braodcast/unknown unicast traffic hits the bandwidth limit you set, but I have done some testing and don't see any log messages.  I have also used the action-shutdown setting and that did indeed shut down the port during testing when the bandwidth limit was met.

     

      Should I be seeing log messages in the 'messages' log file when the broadcast traffic begins to be rate limited?



  • 2.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

     
    Posted 11-21-2011 03:02

    hi B2,

     

    I can't test it right now, but you should see some messages once storm control is in effect. 

     

    Search for ESWD_ST_CTL (p. 265) in:

    http://www.juniper.net/techpubs/en_US/junos10.4/information-products/topic-collections/syslog-messages/syslog-messages.pdf

     

    Are you sure the storm control was in effect ? Use 'show ethernet-switching interfaces' to verify interface state. Example:

    http://www.juniper.net/techpubs/en_US/junos10.4/topics/task/verification/port-security-port-error-disable-verifying.html

     

    If it's no help, please show the storm control config device hw&sw info.

    jtb 



  • 3.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

    Posted 11-21-2011 11:15

    Thanks for the input.  To be clear, there are two issues.  When the port disable feature is set, things seem to work fine, that is the port is disabled and a log message is sent.

     

    When it's just storm control....I would expect when the broadcase bandwidth limit is reached, the port is NOT shutdown of course, but the traffic is being limited, and a syslog/trap to be created, perhaps of type:

     

    ESWD_ST_CTL_ERROR_IN_EFFECT

     

    I am not seeing that trap sent...I suppose I can't guarantee that I did infact reach the limit, but I set the limit quite low and did create a switch loop, so it would be hard to imagine that the limit was not reached.

     

    My hardware is a VC of EX4200 switches.

    Junos 10.0R4.7



  • 4.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

     
    Posted 11-22-2011 08:14

    hi,

     

    took EX2200 running 11.1R6.4 and did quick test. Unknown unicast traffic generated with:

     

    • setting fake arp for X.Y.W.Z
    • iperf  -c X.Y.W.Z -b 10m -t 60    // testing -b 100k up to -b 100m

    With action-shutdown configured:

     

    admin@ex2201> show configuration ethernet-switching-options
    port-error-disable {
        disable-timeout 15;
    }
    storm-control {
        action-shutdown;
        interface ge-0/0/0.0 {
            bandwidth 1000;
        }
    }
    
    Nov 22 00:30:48  ex2201 eswd[967]: ESWD_ST_CTL_ERROR_IN_EFFECT: ge-0/0/0.0: storm control in effect on the port
    Nov 22 00:30:48  ex2201 eswd[967]: ESWD_ST_CTL_ERROR_DISABLED: ge-0/0/0.0: storm control disabled port
    Nov 22 00:30:48  ex2201 eswd[967]: ESWD_ST_CTL_ERROR_IN_EFFECT: ge-0/0/0.0: storm control in effect on the port
    Nov 22 00:30:48  ex2201 mib2d[972]: SNMP_TRAP_LINK_DOWN: ifIndex 501, ifAdminStatus up(1), ifOperStatus down(2), ifName ge-0/0/0
    Nov 22 00:30:48  ex2201 chassism[928]: IFCM: no handler for command subtype 237
    Nov 22 00:30:48  ex2201 mib2d[972]: SNMP_TRAP_LINK_DOWN: ifIndex 610, ifAdminStatus up(1), ifOperStatus down(2), ifName vlan.1
    Nov 22 00:31:03  ex2201 eswd[967]: ESWD_ST_CTL_ERROR_ENABLED: ge-0/0/0.0: storm control enabled port

     

    Without action-shutdown:

     

    admin@ex2201> show configuration ethernet-switching-options
    port-error-disable {
        disable-timeout 15;
    }
    storm-control {
        interface ge-0/0/0.0 {
            bandwidth 100000;
        }
    }
    
    Nov 22 00:48:11  ex2201 eswd[967]: ESWD_ST_CTL_ERROR_IN_EFFECT: ge-0/0/0.0: storm control in effect on the port
    
    admin@ex2201> show interfaces ge-0/0/0 detail | match bps
       Input  bytes  :            223278328            105875968 bps
       Output bytes  :                27424                 2480 bps
         Input  bytes  :                    0                    0 bps
         Output bytes  :                    0                    0 bps

     

    My comments/doubts from the short test:

     

    • ESWD_ST_CTL_ERROR_IN_EFFECT is fine, but why there is no message like  ~ESWD_ST_CTL_ERROR_CLEARED (no info when/if the storm has finished). With actions-shutdown and disable-timeout we will see the port going up/down but without it we have no details about storm lenght
    • ESWD_ST_CTL_ERROR_IN_EFFECT was not always generated in my testing (after long/big storm wasn't able to trigger new one)
    • storm control was triggered by traffic at ~70-80% of configured iperf bandwidth - probably due L2/Ethernet overhead (didn't do the math to check)
    • haven't looked how the BUM traffic is rate limited

    Regarding your test, are you sure there was a switch loop and STP didn't stop it ?

    jtb



  • 5.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

    Posted 11-22-2011 09:14

    Thanks for the testing that you did.  Yes, I am sure that there was indeed a switching loop, no spanning tree was in effect.



  • 6.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

     
    Posted 11-23-2011 06:58

    hi,

     

    clear; bug ? check newer software ? Someone reported seeing ESWD_ST_CTL_ERROR_IN_EFFECT from EX4200 running 10.4R3.4:

    http://forums.juniper.net/t5/Ethernet-Switching/Ex-4200-Storm-Control-Error-ESWD/m-p/87864/highlight/true#M3966

    jtb



  • 7.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

    Posted 11-14-2012 08:43

    Hello everybody.

     

    maybe your logging severity level does not include this alert level?

    try to configure "any any".

     

    But what I wanted to say is that i´m using policy-events to generate snmp traps for storm-control

     

    set ethernet-switching-options storm-control interface all bandwidth 50000
    set event-options policy STORM_CTL events ESWD_ST_CTL_ERROR_IN_EFFECT set event-options policy STORM_CTL then raise-trap

     

    With this configuration a snmp trap is sent every time the broadcast imit is exceed on a port.


    hth

    Alexander



  • 8.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

    Posted 06-29-2016 04:00

    Dear aloeffle,

     

    We have configured the below policy still not receving the SNMP trap to NMS system.

     

    Can you please help to resolve this.

     

    show configuration event-options policy STORM_CTL

    events ESWD_ST_CTL_ERROR_IN_EFFECT;

    then {

        raise-trap;

    }

     

    Jun 29 12:18:47  XXXS02 eswd[1340]: %DAEMON-1-ESWD_ST_CTL_ERROR_IN_EFFECT: ge-0/0/42.0: storm control in effect on the port

    Jun 29 12:22:38  XXXS02 eswd[1340]: %DAEMON-1-ESWD_ST_CTL_ERROR_IN_EFFECT: ge-0/0/42.0: storm control in effect on the port



  • 9.  RE: Storm-Control: Logging Instances of bandwidth limit being hit

    Posted 09-10-2017 13:03

    Hey B2,

     

    In order for you to see the storm control in effect statement in your logs, you would have to configure your syslog facility to any and then your syslog severity level to alert (1) or even higher severity to emergency (0). But the severity with alert should show you the storm control in effect statement:

     

     

    juniper@switch>help syslog ESWD_ST_CTL

     

    Name:          ESWD_ST_CTL_BW_INFO

    Message:       <interface-name>: configured storm control speed <level> is greater than interface speed <bandwidth>. Storm control will

                   be set to the latter

    Help:          Storm control bandwidth setting limits

    Description:   Log message to alert the user to the bandwidth setting limits.

    Type:          Error: An error occurred

    Severity:      alert

    Facility:      LOG_DAEMON

     

    Name:          ESWD_ST_CTL_ERROR_DISABLED

    Message:       <interface-name>: storm control disabled port

    Help:          Storm control error disabled an interface

    Description:   This condition occurs when storm control error condition is detected.

    Type:          Error: An error occurred

    Severity:      alert

    Facility:      LOG_DAEMON

     

    Name:          ESWD_ST_CTL_ERROR_ENABLED

    Message:       <interface-name>: storm control enabled port

    Help:          Storm control error cleared from an interface

    Description:   This condition occurs when storm-control error condition is cleared.

    Type:          Error: An error occurred

    Severity:      alert

    Facility:      LOG_DAEMON

     

    Name:          ESWD_ST_CTL_ERROR_IN_EFFECT

    Message:       <interface-name>: storm control in effect on the port

    Help:          Storm control error in effect an interface

    Description:   This condition occurs when storm control error condition is detected.

    Type:          Error: An error occurred

    Severity:      alert

    Facility:      LOG_DAEMON

     

    Name:          ESWD_ST_CTL_INFO

    Message:       storm control is enabled for interface <interface-name>

    Help:          Storm control setting information

    Description:   Log message to alert the user to the storm control setting.

    Type:          Error: An error occurred

    Severity:      alert

    Facility:      LOG_DAEMON