We help IT Professionals succeed at work.

Determining switching loop using wireshark

TAMSCODAN
TAMSCODAN used Ask the Experts™
on
Hello Experts,
 Is there a way that I can track down a switching loop using Wireshark? and how can I determine if there is a broadcast storm when using Wireshark?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
You could set wireshark to filter and only show loop and STP traffic, but you would have to be monitoring a point inside the loop.  You can detect broadcast storms by watching the amount of unicast and multicast traffic, if they're much higher then normal, you may have a broadcast storm.
To be honest, and I may be corrected on this, but I don't think Wireshark will help you identify a loop. It will show up the vast quantity of packets from a broadcast storm however and from this it will be rather obvious when a storm occurs.

The best solution to preventing loops and storms is planning. Also investing in hardware that support STP (Spanning-Tree Protocol) can help prevent a loop because it checks your logical network before enabling a port.