OL-11615-01
Unicast and Multicast Flood Blocking
As part of the normal operation of a switch, each time a packet with an unknown destination MAC
address is received, the packet is forwarded to all ports on the switch, with the exception of the port from
which the packet was received. There are several possible reasons why a MAC address could be unknown
(that is, not found in the bridge table): the switch has not yet received a packet sourced with
that MAC address, the bridge table entry for that MAC address has timed out, or the bridge table is
already full. In all cases, the indiscriminate flooding of packets consumes bandwidth and poses a
security threat. To prevent the flooding of packets with unknown MAC addresses, the Catalyst 6500 and
Catalyst 4500 Series switches implement the unicast flood blocking feature.
Unicast flood blocking is available on both Cisco IOS software and Catalyst OS software. This feature
is configured at the switch port level and, when enabled, it prevents any unknown unicast traffic from
being sent to the port. Prior to enabling unicast flood blocking on a port, you must have a static entry
(CAM entry) in the bridge table for each of the systems connected to that port. Enabling this feature
without the necessary static entries will break connectivity on the port.
Note: By default, all of the Ethernet ports on a switch are configured to allow unicast flooding. Unicast flood
blocking allows you to drop the unicast flood packets before they reach the port.
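The forwarding behaviour described above, as an added example (a toy Python model written for this page, not Cisco code): it walks through the three ways a destination MAC address becomes unknown, then shows flood blocking on a port without and with the required static entry. The Switch class, the host names A, B and C, the port numbers and the timings are assumptions made for the illustration.

```python
# Toy bridge (CAM) table model. Added illustration, not Cisco code; names are assumed.
class Switch:
    def __init__(self, ports, capacity, aging=300):
        self.ports = set(ports)
        self.capacity = capacity   # maximum number of bridge table entries
        self.aging = aging         # seconds before a dynamic entry times out
        self.table = {}            # mac -> (port, last_seen); last_seen None = static
        self.blocked = set()       # ports with unicast flood blocking enabled

    def add_static(self, mac, port):
        self.table[mac] = (port, None)   # static entries never age out

    def _lookup(self, mac, now):
        entry = self.table.get(mac)
        if entry and entry[1] is not None and now - entry[1] > self.aging:
            del self.table[mac]          # dynamic entry timed out
            return None
        return entry[0] if entry else None

    def receive(self, src, dst, in_port, now):
        """Learn src, then return the set of ports the frame is sent out of."""
        is_static = src in self.table and self.table[src][1] is None
        if not is_static and (src in self.table or len(self.table) < self.capacity):
            self.table[src] = (in_port, now)   # learn or refresh; skipped when full
        out = self._lookup(dst, now)
        if out is not None:
            return {out} - {in_port}           # known destination: one port only
        # Unknown destination: flood to every port except ingress and blocked ports.
        return self.ports - {in_port} - self.blocked

def demo():
    """Constructed scenario: host A on port 1, B on port 2, C on port 3."""
    sw, r = Switch(ports=[1, 2, 3, 4], capacity=2), {}
    r["not_learned"] = sw.receive("A", "B", 1, now=0)    # B has never sent a frame
    sw.receive("B", "A", 2, now=10)                      # B is learned on port 2
    r["learned"] = sw.receive("A", "B", 1, now=20)
    r["timed_out"] = sw.receive("A", "B", 1, now=400)    # B's entry has aged out
    sw.receive("C", "A", 3, now=405)                     # C takes the last free entry
    sw.receive("B", "A", 2, now=406)                     # table full: B is not learned
    r["table_full"] = sw.receive("A", "B", 1, now=410)
    sw.blocked.add(2)                                    # flood blocking on B's port
    r["blocked_no_static"] = sw.receive("A", "B", 1, now=420)  # B gets nothing
    sw.add_static("B", 2)                                # the required static entry
    r["blocked_with_static"] = sw.receive("A", "B", 1, now=430)
    return r

if __name__ == "__main__":
    for case, ports in demo().items():
        print(f"{case:20} -> out ports {sorted(ports)}")
```

In the blocked_no_static case the frame for B leaves only ports 3 and 4, which is the loss of connectivity the text warns about; once the static entry exists the frame goes to port 2 alone.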
Flood blocking for unicast traffic is supported on both Catalyst 6500 and Catalyst 4500 Series switches.
The Catalyst 4500 Series switches have an extended version of this feature called Port Unicast and
Multicast Flood Blocking. As the name indicates, this feature can block multicast traffic in addition to
unicast traffic.
Note: Unicast flood blocking is supported on Catalyst 6500 and Catalyst 4500 Series switches running both
Cisco IOS and Catalyst OS software. Multicast flood blocking is supported only on Catalyst 4500 Series
switches running Cisco IOS software.
Catalyst 6500 and Catalyst 4500 Unicast Flood Blocking (Catalyst OS)
Unicast flood blocking is supported on both Catalyst 6500 and Catalyst 4500 Series switches running
Catalyst OS.
By default, all the Ethernet ports on the switch are configured to allow unicast flooding. To block unicast
flooding on the desired Ethernet ports, use the set port unicast-flood command:
Console> (enable) set port unicast-flood mod/port enable
This example shows how to enable unicast flood blocking on a port:
Console> (enable) set port unicast-flood 4/1 enable
Unicast Flooding is successfully enabled on the port 4/1.
Console> (enable)
For more information on unicast flood blocking on the Catalyst 6500 running Catalyst OS, refer to the
following URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_5/confg_gd/uniflood.htm
For more information on unicast flood blocking on the Catalyst 4500 running Catalyst OS, refer to the
following URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/8_3/configur/uniflood.htm