Port-Based Vlans; Broadcast Storms; Segmenting Broadcast Domains; Eliminating Broadcast Storms - D-Link DES-6300 User Manual

Modular L3 Ethernet Switch User's Guide

Port-based VLANs

In port-based VLANs, broadcast, multicast and unknown packets will be limited to within the VLAN.
Thus, port-based VLANs effectively segment your network into broadcast domains. Furthermore, ports
can only belong to a single VLAN.
Because port-based VLANs are uncomplicated and fairly rigid in their implementation, they are best
used for network administrators who wish to quickly and easily set up VLANs in order to limit the effect
of broadcast packets on their network.
For the most secure implementation, make sure that end stations are directly connected to the switch.
Attaching a hub, switch or other repeater to a port causes all stations attached to the repeater to
become members of the Port-based VLAN.
To setup port-based VLANs, simply select one of 24 VLAN ID numbers, name the VLAN and specify
which ports will be members. All other ports will automatically be forbidden membership, even
dynamically as a port can belong to only one VLAN.

Broadcast Storms

Broadcast storms are a common problem on today's networks. Basically, they consist of broadcast
packets that flood and/or are looped on a network causing noticeable performance degradation and, in
extreme cases, network failure. Broadcast storms can be caused by network loops, malfunctioning
NICs, bad cable connections, and applications or protocols that generate broadcast traffic, among
others.
In effect, broadcast storms can originate from any number of sources, and once they are started, they
can be self-perpetuating, and can even multiply the number of broadcast packets on the network over
time. In the best case, network utilization will be high and bandwidth limited until the hop counts for
all broadcast packets have expired, whereupon the packets will be discarded and the network will
return to normal. In the worst case, they will multiply, eventually using up all the network bandwidth
(although network applications will usually crash long before this happens), and cause a network
meltdown.
Broadcast storms have long been a concern for network administrators with routers traditionally being
used to prevent their occurrence, and if that failed, to at least limit their scope. However, with the
advent of VLANs, switches are now able to limit broadcast domains better and cheaper than routers.
Also, many switches, including the DES-6300 series, have broadcast sensors and filters built into each
port to further control broadcast storms.

Segmenting Broadcast Domains

VLANs can be used to segment broadcast domains. They do this by forwarding packets only to ports in
the same VLAN. Thus, broadcast packets will only be forwarded to ports that are members of the same
VLAN. Other parts of the network are effectively shielded. As a result, the smaller the broadcast
domain, the less effect a broadcast storm will have. Because VLANs are implemented at each switch
port, they can be quite effective in limiting the scope of broadcast storms.

Eliminating Broadcast Storms

SNMP agents can be programmed to monitor the number of broadcast packets on switch ports and act
on the data. When the number of broadcast packets on a given port rise past an assigned threshold, an
action can be triggered. When enabled, the usual action is to block the port to broadcast frames, which
discards all broadcast frames arriving at the port from the attached segment. Not only does this isolate
the broadcast domain, but it actually starts removing broadcast packets from the affected segment.
When the number of broadcast packets falls to an acceptable level (below a falling threshold), the SNMP
agent can remove the blocking condition, returning the port to its normal operational state.
34