storm-control action shutdown
Configures the switch to shut down a port when a storm exceeds the configured threshold, preventing broadcast, multicast, or unicast storms from affecting network stability.
storm-control action shutdownWhen to Use This Command
- Protecting access ports from excessive broadcast traffic caused by loops or misconfigured devices.
- Mitigating the impact of a denial-of-service (DoS) attack that floods a switch port with multicast frames.
- Automatically disabling a trunk port that experiences an abnormal unicast storm due to a faulty NIC.
- Enforcing traffic storm control policies on ports connected to untrusted end-user devices.
Command Examples
Basic storm-control action shutdown on an access port
interface GigabitEthernet0/1
storm-control broadcast level 50
storm-control action shutdownSwitch(config-if)# storm-control broadcast level 50 Switch(config-if)# storm-control action shutdown Switch(config-if)# end Switch# show storm-control GigabitEthernet0/1 broadcast Interface Filter State Upper Lower Current ----------- ------------ ------------ ------------ ------------ Gi0/1 Shutdown 50.00% 50.00% 0.00%
The output shows that interface Gi0/1 has storm control enabled for broadcast traffic with an upper threshold of 50%. The filter state is 'Shutdown', meaning the port will be error-disabled if the threshold is exceeded. Current traffic is 0.00% of bandwidth.
Storm-control action shutdown with multicast threshold
interface GigabitEthernet0/2
storm-control multicast level 30
storm-control action shutdownSwitch(config-if)# storm-control multicast level 30 Switch(config-if)# storm-control action shutdown Switch(config-if)# end Switch# show storm-control GigabitEthernet0/2 multicast Interface Filter State Upper Lower Current ----------- ------------ ------------ ------------ ------------ Gi0/2 Forwarding 30.00% 30.00% 10.00%
The interface Gi0/2 has multicast storm control with a threshold of 30%. The filter state is 'Forwarding' because current traffic (10%) is below the threshold. If traffic exceeds 30%, the state changes to 'Shutdown' and the port is error-disabled.
Understanding the Output
The 'show storm-control interface' command displays storm control status per interface. The 'Filter State' column indicates whether the port is currently forwarding traffic ('Forwarding') or has been shut down ('Shutdown') due to a storm. 'Upper' and 'Lower' show the configured thresholds (as percentage of bandwidth). 'Current' shows the real-time traffic percentage for that traffic type. A 'Shutdown' state means the port is in errdisable state and must be manually re-enabled (or via errdisable recovery). A 'Forwarding' state with 'Current' near 'Upper' indicates the port is at risk of being shut down. Watch for interfaces that repeatedly enter shutdown state, indicating persistent storm issues.
CCNA Exam Tips
CCNA exam tip: Storm-control action shutdown puts the port in errdisable state; you must manually re-enable it or configure errdisable recovery.
CCNA exam tip: The storm-control command is applied per interface and can filter broadcast, multicast, or unicast traffic separately.
CCNA exam tip: The default action is to drop excess traffic (filter), not shutdown; you must explicitly configure 'storm-control action shutdown' to disable the port.
CCNA exam tip: On CCNA, know that storm control thresholds are set as a percentage of total interface bandwidth.
Common Mistakes
Mistake 1: Forgetting to configure 'storm-control action shutdown' — the default action only drops traffic, not disables the port, so the port remains up but may still be overwhelmed.
Mistake 2: Setting the threshold too low (e.g., 1%) causing legitimate traffic to trigger shutdown frequently.
Mistake 3: Not configuring errdisable recovery for storm-control, requiring manual intervention to bring the port back up after a storm event.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions