I work at a school district and once in a while I have to physically disconnect our high school which connects to our middle school via underground fiber link. Basically something happens at the HS and just hammers the network with traffic.
Usually I use wireshark to try and find what the problem source is, like a virus, or just a network card acting crazy.
The middle school is the head end with the HS, and 2 elementaries also connecting through the middle school router. So when the HS disrupts everything it can literally shutdown 3 buildings completely. We can't even access internal servers, that's how bad it gets.
But unplug the fiber or disable the port on the 3Com switch and everything is fine again.
What settings can I put on this fiber port to suppress the traffic? Broadcast Suppression? Flow Control?
We also have a Sonic Wall firewall in transparent mode and I do have it detecting SYN Floods and proxying them when they reach a certain amount...
But today it's happening again and wireshark really isn't telling me much, I just know that if we plug the fiber in to the HS everything shuts down. So an entire building has been out for about 4 hours now. Usually at this point we end up shutting down everything in the building and selectively turning things back on.
I know 3Com has something called a Tipping Point device and just wondered what others were using out there. We have a big flat network really. No VLANS at all...