How to catch broadcast storms on FoxGate switches

First of all, let’s look at the statistics of active traffic on ports:

show interface ethernet counter rate

Then we’ll look at the packet counters, especially pay attention to the BroadCast (pkts) column:

show interface ethernet counter packet

For a specific port, we will execute the command to view the statistics of the network interface several times:

show interface ethernet 1/25

And let’s pay attention to how the incoming and outgoing values of the broadcast packets change, if they do not change, then the broadcast packets do not go through this port, if the digit increases rapidly, then maybe there is a broadcast storm.

If necessary, we will enter the competing mode and set the limit of transmitted broadcast packets in kilobits (minimum value 1) for the required ports:

config
Interface Ethernet1/1
storm-control broadcast 50
Interface Ethernet1/2
storm-control broadcast 50
Interface Ethernet1/3
storm-control broadcast 50
...

Note that with a low broadcast bandwidth limit, DHCP broadcast requests from clients can also be blocked.

See also:
Block DHCP servers on FoxGate switches
Configuring the Foxgate S6224-S2 Switch

Port isolation on Foxgate switches

For the test, I will configure on the Foxgate S6224-S4, S6224-S2, S6208, and so on.

Connect to the switch through the console or telnet and switch to the configuration mode:

enable
config

Let’s create a group of isolated ports and add ports to it that do not need to see each other (in my case, clients are from 1 to 24):

isolate-port group users
isolate-port group users switchport interface ethernet 1/1-24

The command is the same on all Foxgate switches, but port numbers may differ, for example on S6224-S2 I configured it like this:

isolate-port group users
isolate-port group users switchport interface ethernet 0/0/1-24

After adding the ports to the group they will not see each other, but they will see the ports that are not in the group, I have the 25 port is the uplink on which the Internet comes, because it is not in the group, it sees all the ports, and the ports that the groups see him.

Let’s see the list of ports in the users group:

show isolate-port group users

Leave the configuration mode and save the settings:

exit
write