Tuesday, February 3, 2009

6500/7600 & storm-control limitations

I do not know about you, but i quite often fall into CCO documents that instead of giving answers, they arise more questions.

Here is an example of CCO documentation cryptology causing even more confusion.

From Configuring Traffic Storm Control in 7600/12.2SR:

Note On these modules, a level value of 0.33 percent or less suppresses all traffic:


From Configuring Traffic-Storm Control in 6500/12.2SXF

On these modules, these levels suppress all traffic:

–WS-X6704-10GE: 0.33 percent or less
–WS-X6748-GE-TX 10Mbps ports: 0.33 percent or less
–WS-X6748-GE-TX 100Mbps ports: 0.03 percent or less

Questions risen :

1) "all traffic" means ALL traffic or all traffic referenced in the relevant storm-control config (i.e. broadcast/multicast/unicast)?
You probably guessed it right; It's not very clear, but it's the 2nd.

2) Why are modules WS-X6724-SFP and WS-X6748-SFP not included in the 6500 document?
This is because the 7600 document is somewhat wrong. I tried the WS-X6724-SFP in both platforms and it didn't experience this 0.33 percent limitation. Also, according to CSCsq75731 :

A WS-X6724-SFP doesn't block all broadcast traffic as we may expect it will do per the limitation described in the config guide.

Probably the same applies to WS-X6748-SFP (WS-X6724-SFP x 2).

3) For WS-X6748-GE-TX, is it 0.03% or 0.33% ?
Once again the 7600 document is wrong. WS-X6748-GE-TX ports operating in 10 Mbps use 0.33%, while ports operating in 100 Mbps use 0.03%. 1 Gbps ports do not have any limitation.

Why 0.33% and 0.03% ? What exactly is the problem with these modules?
From what i have have found by asking around, there must be a specific asic which imposes this limitation. You can use the following command in order to find some of the major asics used in your 6500/7600 modules:

7600#sh mod
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
3 24 CEF720 24 port 1000mb SFP WS-X6724-SFP XXXXXXXXXXX
4 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX XXXXXXXXXXX
5 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE XXXXXXXXXXX

7600#sh asic-version slot 3
Module in slot 3 has 3 type(s) of ASICs
ASIC Name Count Version
JANUS 1 (1.0)
SSA 1 (9.0)
ROHINI 2 (1.5)
7600#sh asic-version slot 4
Module in slot 4 has 3 type(s) of ASICs
ASIC Name Count Version
JANUS 2 (1.0)
SSA 2 (9.0)
ROHINI 4 (1.5)
7600#sh asic-version slot 5
Module in slot 5 has 3 type(s) of ASICs
ASIC Name Count Version
JANUS 2 (1.0)
SSA 2 (9.0)
ROHINI 4 (1.5)

As you can also see, all 3 modules use the same asics, with WS-X6748-GE-TX and WS-X6704-10GE having double the number of each one of them (probably due to double bandwidth = double fabric connections). So i'm still missing some data here. I tried various "remote command module x show platform hardware asicreg" commands, but nothing interesting came up.

Update 4 Feb 10:00 : I had an email from Cisco that this is a limitation of modules that have the ROHINI asic and their ports are operating in 10 Mbps, 100 Mbps or 10 Gbps (CSCee79131). That explains a lot and it's nice to know. They also said, they'll try to update the documentation (but i'm not counting on that).

And now some quite interesting answers:

For these modules what is actually happening is that the level value configured for storm-control is multiplied by 3 and then round down to its closest integer. If 0 is the result, then 0 is actually used. If something >= 1 is the result, then the original configured value is used. Therefore, anything that is 0.33 or less will be rounded down to 0.

storm-control configured value multiplication by 3 rounding down storm-control actual value
0.10 0.10 x 3 = 0.30 0.00 0.00
0.20 0.20 x 3 = 0.60 0.00 0.00
0.30 0.30 x 3 = 0.90 0.00 0.00
0.33 0.33 x 3 = 0.99 0.00 0.00
0.34 0.34 x 3 = 1.02 1.00 0.34
0.50 0.50 x 3 = 1.50 1.00 0.50
0.90 0.90 x 3 = 2.70 2.00 0.90
1.00 1.00 x 3 = 3.00 3.00 1.00

Here is a much cleaner summary including the module :

ModulePort speedstorm-control configured valuestorm-control actual value
WS-X6704-10GE -X <= 0.33%0.00%
WS-X6704-10GE -X > 0.33%X
WS-X6748-GE-TX1 GbpsX X
WS-X6748-GE-TX100 MbpsX <= 0.03%0.00%
WS-X6748-GE-TX100 MbpsX > 0.03%X
WS-X6748-GE-TX10 MbpsX <= 0.33%0.00%
WS-X6748-GE-TX10 MbpsX > 0.33%X

As an extra note, you might want to ignore the errdisable functionality regarding storm-control on these platforms, since it's not actually supported.

7600#sh errdisable detect
ErrDisable Reason Detection status
----------------- ----------------
storm-control Enabled

7600#sh errdisable recovery
ErrDisable Reason Timer Status
----------------- --------------
storm-control Enabled

Maybe Cisco should implement actions for storm-control, like in other (i.e. 3750) platforms, so errdisable can get some meaning.

3750(config-if)#storm-control action ?
shutdown Shutdown this interface if a storm occurs
trap Send SNMP trap if a storm occurs

1 comment:

  1. true CCIE u r! good detailed research on each of the topic you get into...gr8 attitude.



Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Greece License.