Broadcast Storms; Segmenting Broadcast Domains; Eliminating Broadcast Storms - D-Link DES-3225G Series User Manual

24-port NWay Ethernet Switch User's Guide
To setup port-based VLANs, simply select one of 24 VLAN ID numbers, name the VLAN and specify which
ports will be members. All other ports will automatically be forbidden membership, even dynamically as a
port can belong to only one VLAN.

Broadcast Storms

Broadcast storms are a common problem on today's networks. Basically, they consist of broadcast packets that
flood and/or are looped on a network causing noticeable performance degradation and, in extreme cases,
network failure. Broadcast storms can be caused by network loops, malfunctioning NICs, bad cable
connections, and applications or protocols that generate broadcast traffic, among others.
In effect, broadcast storms can originate from any number of sources, and once they are started, they can be
self-perpetuating, and can even multiply the number of broadcast packets on the network over time. In the
best case, network utilization will be high and bandwidth limited until the hop counts for all broadcast
packets have expired, whereupon the packets will be discarded and the network will return to normal. In the
worst case, they will multiply, eventually using up all the network bandwidth (although network applications
will usually crash long before this happens), and cause a network meltdown.
Broadcast storms have long been a concern for network administrators with routers traditionally being used
to prevent their occurrence, and if that failed, to at least limit their scope. However, with the advent of
VLANs, switches are now able to limit broadcast domains better and cheaper than routers. Also, many
switches, including the DES-3225G series, have broadcast sensors and filters built into each port to further
control broadcast storms.

Segmenting Broadcast Domains

The Switch allows you to segment broadcast domains. It does this by forwarding packets only to ports in the
same broadcast domain or VLAN. Thus, broadcast packets will only be forwarded to ports that are members of
the same broadcast domain or VLAN. Other parts of the network are effectively shielded. As a result, the
smaller the broadcast domain, the less effect a broadcast storm will have. Since VLANs and broadcast
domains are implemented at each switch port, they can be quite effective in limiting the scope of broadcast
storms.

Eliminating Broadcast Storms

SNMP agents can be programmed to monitor the number of broadcast packets on switch ports and act on the
data. When the number of broadcast packets on a given port rise past an assigned threshold, an action can be
triggered. When enabled, the usual action is to block the port to broadcast frames, which discards all
broadcast frames arriving at the port from the attached segment. Not only does this isolate the broadcast
domain, but it actually starts removing broadcast packets from the affected segment. When the number of
broadcast packets falls to an acceptable level (below a falling threshold), the SNMP agent can remove the
blocking condition, returning the port to its normal operational state.
In the Switch, the default rising threshold is met when more than 500 broadcast packets per second are being
detected on a specified port. Once the rising threshold is surpassed for a duration of more than 5 seconds, it
will trigger the broadcast storm rising action configured by the user. The default falling threshold is met if
there are less than 250 broadcast packets per second. It is triggered once the duration is at least 30 seconds.
The actions can easily be defined by using a normal SNMP management program or through the console
interface.
Switch Management Concepts 35