There may not be a straight forward way to determine this. Following things should be considered before setting a value.
Steps to determine the configurable value:
- CPU handles broadcast and unknown destination mac-addresses from the user traffic in the network.
- CPU should also be handling the protocol control packets like OSPF/VRRP/MPLS etc., So, the configuration of these protocols should also be considered.
- Also, DOS-PROTECT applies to L3(IP) packets.
- Clear the l2stats and collect the output in a second when there is a peak traffic.
- Calculate the packets hitting the CPU and IGMP control packets snooped for all the VLANs.
- Similarly, calculate for the "ipstats" output.
- This may be considered as an average traffic that should be allowed to be handled by the CPU. Set a higher value than this average which may be optimal for the network.
Once determined, execute the following command.
configure dos-protect type l3-protect alert-threshold <number of packets>