Solved

Excessive network traffic - Packets with other destinations

Posted on 2008-06-19
7
318 Views
Last Modified: 2010-04-21
Hi,

Yesterday the flooding control on the cisco 2950t switch kicked in so I had a look at the bandwidth graphs using CNA. Usually we get around 1-2mbit/s of our own traffic, but it was up to 18mbit/s.

Port statistics shows that the switch is mostly receiving unicast traffic, none of which is transmitted of the fabric.

Adding an ACL to the port with our providers uplink to block all but traffic coming from my home IP shows that all of the incoming traffic was not destined for any of our servers as it still kept coming.

Spanning the port to a machine on the net and using tcpdump showed that every packet had a destination IP which was not in our block but was rather destined or sourced from an IP somewhere else on our providers network.

Contacting our provider, they said that there's not much they can do short of allocating our own VLAN (which would involved renumbering).

My question really is that how are unicast packets with a different destination still ending up at my switch. I can understand multicast and broadcast. Also, would this be a routing issue within my providers network or is this just something everyone has to live with?

Thanks,

T. Ballantine
0
Comment
Question by:Alcedema
  • 3
  • 3
7 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 21821775
This is normal behavior as they are running multiple IP subnets on the same physical network (VLAN) so you will receive broadcast, multicast and unicast flooded traffic for every subnet that resides on the same VLAN.  This is why they are telling you that they can put you in your own VLAN to isolate you from other subnets.  There isn't anything you can do on your end.  My Internet connection at home is the same way.
0
 
LVL 32

Expert Comment

by:harbor235
ID: 21821783

Is your service provider routing that traffic to you? If they have a looking glass/route server you can lookup up the prefix in question and see how they route that traffic. If is hitting your edge then your service provider has to route it to you. Who is your service provider and what is the destination?

harbor235 ;}
0
 

Author Comment

by:Alcedema
ID: 21822108
JF:
Thanks. Would you know if there's a down side to them setting me up on my own vlan? They do all of our routing for us, we've just got a switch and a range of their IPs.  The way they gave the VLAN as an option was seemingly "at last resort".

harbor:
As above, they do all of the routing, we just use them as our uplink. I must admit I'm not a whiz when it comes to layer 3. Another above or below I'm fine with ;) We're currently with Poundhost (.com) and the destinations (and/or sources) are IPs also belonging to them. It's not just a couple of the same IPs, it's loads.

Thanks.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 43

Expert Comment

by:JFrederick29
ID: 21822130
Actually, being in your own isolated VLAN would be a benefit technically with the only downside being that they may charge you for this "option".
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 21822135
Well, the other downside being what you already know....your IP address block will change but that's what DNS is for :)
0
 

Author Comment

by:Alcedema
ID: 21827089
Going ahead and changing over to an isolated vlan for a one-off fee. Hopefully have next to nothing encroaching on our network afterwards.

Thanks for your help.
0
 

Author Closing Comment

by:Alcedema
ID: 31468703
Thank you :)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
No RSTP between switches 3 66
Mac-address sticky 12 61
P2P and MPLS 3 60
ospf neighbors not coming up 6 59
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question