Solved

question about vlans and unicast traffic

Posted on 2013-10-23
8
391 Views
Last Modified: 2013-11-12
Hey guys i have a question. Vlans are for segmentation of broadcast domains, i fully understand that.

I think historically it was created because most accessed resources were local in sites, so tons of broadcast traffic and arping was going on, but now most traffic is unicast out to the internet.

My question is, does vlan segmentation realy help you if all of that traffic is going right the wan pipe and not many local resources are being accessed?
0
Comment
Question by:mrbayIt
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39595884
Yes,

You still have broadcast traffic such as ARP, SMB, and DHCP that still occurs in the vlans.
0
 

Author Comment

by:mrbayIt
ID: 39596254
i agree i just want to fully understand the scope of what were talking about. dhcp only occurs upon obtaining a lease, lets say for example i have 7 day leases so there is no dhcp going on with 1,000 employees all on the same /16 network. how often does the arping and smb occur?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 39596743
This is one of those questions where there are a ton of variables that can affect the answer.  

If all the traffic is going out the WAN, then once a device ARPs its default-gateway, it shouldn't need to ARP it again until the entry ages out of the ARP cache.  Now the question is: how long will the entry stay in the ARP cache?  That will depend on a number of factors.  But somewhere between 30 seconds and 10 minutes since the last time the cache entry was used is pretty typical.

Then there's the background noise. I've seen some Windows installs generate a broadcast every 30 seconds.  Totally unnecessary, but that's how the O/S was configured.  

If you have 1,000 of those on your network, then you're looking at 33 broadcasts per second crossing every link and being seen by every device on your network.

And don't forget that broadcasts are recognized and processed by every device.

Now rather than try to figure out how often a device has to refresh its ARP cache entry and generate spurious broadcasts, I prefer to simply look at broadcast traffic as a percentage of total traffic. As long as your broadcast traffic doesn't exceed 20% of your total traffic (during normal usage hours), then you're fine.

Except for the security thing...  It can be a bit of a challenge (if it's possible at all) to control traffic between devices on the same broadcast domain. But put them on different networks where they have to go through a router and it's much easier to control who can get to whom.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 27

Expert Comment

by:Steve
ID: 39596820
I think historically it was created because most accessed resources were local in sites, so tons of broadcast traffic and arping was going on, but now most traffic is unicast out to the internet.

Not sure where you've got that from, but it's simply not true. Broadcast traffic is an intrinsic part of the current networking protocols and is still very much a part of current traffic.

My question is, does vlan segmentation realy help you if all of that traffic is going right the wan pipe and not many local resources are being accessed?
Yes. if you have various sections of your networks that could be separated, VLANS can make a huge difference to efficiency and internal bandwidth.
This is especially true with lag sensitive systems like Voice.

VLANS are not always suitable and aren't needed in many situations, but when traffic flow is identified as a concern it is definitely a suitable option.

I've been called in to troubleshoot many networks in the past to find that poor design and too much broadcast traffic is saturating links and causing bottlenecks.
Splitting into well designed VLANS has been proven to vastly improve many slow networks, which is particularly worrying when other IT consultants had already attempted to solve the issue by throwing new network hardware at the problem without identifying the actual cause.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 39596908
Not sure where you've got that from, but it's simply not true. Broadcast traffic is an intrinsic part of the current networking protocols and is still very much a part of current traffic.
Before switches, the number of hosts on a network was limited by collisions. So it was unlikely to have more than a hundred or so hosts on a network.  Back then, broadcasts weren't the problem, collisions were.

When switches started replacing hubs, collisions stopped being a limiting factor. So more and more hosts were added to the network. Before long, a problem that hadn't been seen before arose: excessive broadcast.

One of the reasons for VLANs (some vendors referred to the concept as partitioning ports) at that time was to create multiple broadcast domains to control the broadcasts. Not the only reason, mind you, but one of them.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 39639457
A grade of a "C"?  The lowest possible grade?

Can you tell me what part of my answer was lacking?
0
 

Author Comment

by:mrbayIt
ID: 39640058
i was just on autopilot, i dont mind giving a better grade how can i?
0
 
LVL 27

Expert Comment

by:Steve
ID: 39642830
@Mrbayit
Would have liked to think some of the other responses were worth at least a few 'assistance' points .  Particularly as my response was even quoted in the answer you accepted....

:-(
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question