Scenario:
Firmware version: V.1.0.2.29
Behavior of ATC:
Notice: The port needs to be re-enabled manually after it is shut down by ATC.
Procedures:
<1> Configure the IP address of the syslog server on the switch and enable the "trap" function. (Please remember to configure the management IP address on the switch first.)
Console(config)#logging host 192.168.1.200
Console(config)#logging trap

Console#show logging trap
Global Configuration:
  Syslog Logging : Enabled
Remote Logging Configuration:
  Status : Enabled
  Facility Type : Local use 7 (23)
  Level Type : Debugging messages (7)
  Remote Host 1 :
    Server IP Address : 192.168.1.200
    Port : 514
<2> Configure the ATC function for broadcast/multicast traffic. (The following is an example for broadcast, and the configuration method is the same for multicast.)
1. Set up the apply-timer. The timer starts counting down when the traffic triggers the fire-threshold.
If the traffic does not drop to the clear-threshold before the countdown ends, the switch activates the control action to limit ingress traffic or shut down the offending port.
Console(config)#auto-traffic-control broadcast apply-timer 5
2. Set up the "shutdown" action of ATC and enable the trap function for it.
Console(config)#interface ethernet 1/1
Console(config-if)#auto-traffic-control broadcast action shutdown
Console(config-if)#snmp-server enable port-traps atc broadcast-control-apply
3. Configure the fire-threshold and enable the trap function for it.
Notice: The fire-threshold cannot be lower than the clear-threshold.
Notice: The unit of ATC-threshold is "Kilo-packets per second". For example: If you configure 200 then the threshold will be 200,000 pps (200*1,000).
Console(config-if)#auto-traffic-control broadcast alarm-fire-threshold 200
Console(config-if)#snmp-server enable port-traps atc broadcast-alarm-fire
Result:
In this example, the fire-threshold is 200 kpps and the apply-timer is 5 seconds.
Thus the port will be shut down when the broadcast traffic it receives stays above the fire-threshold for 5 seconds.
The packet generator is configured to send packets at 210 kpps.
<A> Broadcast traffic test result.
1. The log of the switch.
Console#show log ram
[3] 08:04:53 2017-10-12
   "STP port state: MSTID 0, Eth 1/1 becomes non-forwarding."
   level : 6, module : 5, function : 1, and event no. : 1
[2] 08:04:52 2017-10-12
   "Unit 1, Port 1 link-down notification, reason: Auto Traffic Control - Broadcast."
   level : 6, module : 5, function : 1, and event no. : 1
[1] 08:04:52 2017-10-12
   "ATC broadcast traffic_control gets enabled on port 1."
   level : 6, module : 5, function : 1, and event no. : 1
[0] 08:04:47 2017-10-12
   "ATC broadcast storm alarm on port 1"
   level : 6, module : 5, function : 1, and event no. : 1
2. The "Link Down Reason" shows that port 1 has been shut down by broadcast ATC.
3. The switch sends the trap to the syslog server.
<B> Multicast traffic test result.
1. The log of the switch.
Console#show log ram
[3] 09:19:53 2017-10-12
   "VLAN 1 link-down notification."
   level : 6, module : 5, function : 1, and event no. : 1
[2] 09:19:52 2017-10-12
   "Unit 1, Port 1 link-down notification, reason: Auto Traffic Control - Multicast."
   level : 6, module : 5, function : 1, and event no. : 1
[1] 09:19:52 2017-10-12
   "ATC multicast traffic_control gets enabled on port 1."
   level : 6, module : 5, function : 1, and event no. : 1
[0] 09:19:47 2017-10-12
   "ATC multicast storm alarm on port 1"
   level : 6, module : 5, function : 1, and event no. : 1
2. The "Link Down Reason" shows that port 1 has been shut down by multicast ATC.
3. The switch sends the trap to the syslog server.
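
Added example (not part of the original article or the switch vendor's tooling): a Python script for the syslog server side that correlates the three ATC messages shown above (storm alarm, traffic_control enabled, link-down with an ATC reason) and reports the alarm-to-action delay so it can be compared with the configured apply-timer. The function names are hypothetical; the sample input is the broadcast log from this page.

```python
import re
from datetime import datetime

# Log entries copied from the broadcast "show log ram" output on this page.
SAMPLE_LOG = '''\
[3] 08:04:53 2017-10-12 "STP port state: MSTID 0, Eth 1/1 becomes non-forwarding." level : 6, module : 5, function : 1, and event no. : 1
[2] 08:04:52 2017-10-12 "Unit 1, Port 1 link-down notification, reason: Auto Traffic Control - Broadcast." level : 6, module : 5, function : 1, and event no. : 1
[1] 08:04:52 2017-10-12 "ATC broadcast traffic_control gets enabled on port 1." level : 6, module : 5, function : 1, and event no. : 1
[0] 08:04:47 2017-10-12 "ATC broadcast storm alarm on port 1" level : 6, module : 5, function : 1, and event no. : 1
'''

# Not line-anchored, so it also works when the entries wrap or run together.
ENTRY = re.compile(r'\[(\d+)\]\s+(\d\d:\d\d:\d\d \d{4}-\d\d-\d\d)\s+"([^"]*)"')
ALARM = re.compile(r'ATC (broadcast|multicast) storm alarm on port (\d+)')
APPLY = re.compile(r'ATC (broadcast|multicast) traffic_control gets enabled on port (\d+)')
DOWN = re.compile(r'Port (\d+) link-down notification, '
                  r'reason: Auto Traffic Control - (Broadcast|Multicast)')

def parse(text):
    """Return (index, timestamp, message) tuples, oldest entry ([0]) first."""
    rows = [(int(i), datetime.strptime(ts, '%H:%M:%S %Y-%m-%d'), msg)
            for i, ts, msg in ENTRY.findall(text)]
    return sorted(rows)

def atc_incidents(text):
    """Correlate alarm -> control applied -> link-down per (type, port)."""
    pending, incidents = {}, []
    for _, ts, msg in parse(text):
        if m := ALARM.search(msg):
            pending[(m[1], m[2])] = {'alarm': ts}
        elif m := APPLY.search(msg):
            pending.setdefault((m[1], m[2]), {})['applied'] = ts
        elif m := DOWN.search(msg):
            key = (m[2].lower(), m[1])
            ev = pending.pop(key, {})
            delay = None  # stays None if the alarm entry is missing from the log
            if 'alarm' in ev and 'applied' in ev:
                delay = int((ev['applied'] - ev['alarm']).total_seconds())
            incidents.append({'type': key[0], 'port': int(key[1]),
                              'shutdown_at': ts, 'alarm_to_apply_s': delay})
    return incidents

if __name__ == '__main__':
    for inc in atc_incidents(SAMPLE_LOG):
        print(inc)
```

A delay that differs from the configured apply-timer, or a link-down entry with no preceding alarm, is worth checking against the switch configuration and the completeness of the collected log.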