Is there a way to check for extensive unicast flooding on an EX 4200 switch or, even better, on a single port of the switch?
You can configure unknown-unicast-forwarding on EX4200 to get to know more information.
Not sure if I understand you fully - if i set a port for unknown-unicast-forwarding it will stop flooding unknown unicast to other ports - possibly braking comunication...
This is more like a security feature.
When you configure unknown-unicast forwarding for a VLAN and destine it to a interface, no matter what port the traffic comes in that particular VLAN with the destination MAC is not known to the switch, it will forward it to a specific port which is specified rather than flooding it.
But how it can help me with my problem? I need to learn what level of flooding is there, and maybe find what MAC addresses are involved.
The show ethernet-switching table command shows that an unknown unicast packet is received on interface.
Check the link which i pasted before.
Then as I said before - if i set a port for unknown-unicast-forwarding it will stop flooding unknown unicast to other ports - possibly braking comunication.
>show interfaces <name> extensive | match packets
You can specify an interface name of leave it off. This should show you multicast, unicast and broadcast
Now that will not tell you if it is excessive, since excesive would be dependent on the particular network. You would need some other network monitoring device to check traffic types over a period of time and at different time intervals to see the levels. It would also of coure depends on if the particular environment is using applications that generate these types of traffic.
It would still show only total of unicast packet (both unknow - flooded and "known" - forwarded), while I am looking only for flooded (unknown).
It seems that there is no way to check it on EX 4200. Thanks all!