The present invention relates to managing computer networks, and more particularly to managing unicast floods in networks.
An unknown unicast flood is created by sending Ethernet frames to a media access control (MAC) address that is unknown by a network. Since the destination MAC address is unknown, the frames are flooded out to all forwarding interfaces to all other switches, which in turn creates the same flooding of unknown unicast traffic until the source of the frames stops sending. Unknown unicast floods can starve the network of bandwidth and processing cycles.
Legitimate reasons for an unknown unicast frame to be seen include mismatched MAC aging timers between hosts and network devices where a known destination is disconnected or powered off from the network, or aged out on a switch but not aged out on a host trying to communicate.
Currently known storm control techniques limit the impact of unknown unicast floods by using a suboptimal approach of limiting a link by a percent of utilization, leading to wasted network resources and affecting legitimate traffic that is blocked when interface-wide limits are reached.