Storm Control vs. Port Blocking


Understanding Storm Control

Storm control prevents traffic on a LAN from being disrupted by a
broadcast, multicast, or unicast storm on one of the physical

A value of 0.0 means that all broadcast, multicast, or unicast traffic on that port is blocked.

Switch(config-if)# storm-control broadcast level 0
Switch(config-if)# storm-control unicast level 0
Switch(config-if)# storm-control multicast level 0

Configuring Port Blocking

By default, the switch floods packets with unknown destination MAC
addresses out of all ports. If unknown unicast and multicast traffic is
forwarded to a protected port, there could be security issues. To
prevent unknown unicast or multicast traffic from being forwarded from
one port to another, you can block a port (protected or nonprotected)
from flooding unknown unicast or multicast packets to other ports.

Switch(config-if)# switchport block multicast

Switch(config-if)# switchport block unicast


My question - Does storm-control broadcast level 0 same as switchport block unicast?

Is it right for multicast -storm-control multicast level 0 and switchport block multicast


  • I guess

    storm-control unicast level 0  will block all (known or unknown) unicast packets

    switchport block unicast  will block only unknown unicast packets

    I am not sure though

  • My understanding of the technologies is that storm control limits the total amount of traffic entering an interface (based on what you specify), regardless of whether the destination is known.  The measurement is made as traffic enters the interface (from whatever is connected to it) and is passed to the switching fabric.

    Port blocking restricts unknown (flooded frames) from other interfaces entering from the switching fabric, but otherwise doesn't affect overall throughput.


  • Thank you!

    My question seems more theoretical and can't be used on practice[H]

Sign In or Register to comment.