We ran into a broadcast storm issue last week that took us about 3 hours to trace back to a customer that was spewing into our network through our device connected to their network. The way it was ultimately found was by a few devices that had broadcast-containment on them and following the packet dropping backwards while adding more filters on devices until it was narrowed down and the port was shut down.
After this great experience with broadcast-containment filters we are contemplating rolling them out network wide. We are thinking 1024 limit on all 1G ports and 4096 on 10G ports. We're thinking customer and network facing ports. The main customer equipment on our network is 3902s and 3916s. Our core devices are 5150s, 3960s and 3940s, not to mention a whole bunch of 3930s for distribution to our wifi network.
Can anyone see any negative impacts for rolling this out to all devices? We do have at least two providers with management that was affected by the filters kicking in, so I just want to make sure I'm taking everything into consideration.