Solved

broadcast traffic

Posted on 2014-02-22
8
377 Views
Last Modified: 2014-04-08
I am trying to see how much traffic is generating in my vlan. When I did the sh int vlan 10, I see no broadcast but there are multicast. Is there a command to look at the broadcast for the vlan? Thanks
0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39879887
No command.  You will need to do a packet capture.

If you can get a computer on the VLAN/IP Subnet in question it would probably be easier than the other option.

The other option is to use port mirroring.  You either need physical access to a switch that is on the VLAN/IP subnet you want to monitor or you need switches that support RSPAN.  The only issue with RSPAN is if the VLAN generates a lot of traffic you could flood a link between switches.
0
 
LVL 27

Expert Comment

by:masnrock
ID: 39880609
Giltjr is 100% correct. As part of the capture, you will need to use tools such as Wireshark. But without doing what has already been mentioned, you will not be able to do it.
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 39912783
What kind of device are you looking at (sh int vlan 10 sounds like Cisco) because Cisco absolutely shows broadcasts:

  L2 Switched: ucast: 15779125210 pkt, 18823193060427 bytes - mcast: 13524425 pkt, 1275607608 bytes
  L3 in Switched: ucast: 31588733531 pkt, 41521487754788 bytes - mcast: 0 pkt, 0 bytes mcast
  L3 out Switched: ucast: 31121695300 pkt, 18523037712040 bytes mcast: 0 pkt, 0 bytes
     31619970443 packets input, 41526015931352 bytes, 0 no buffer
     Received 13523539 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 67 throttles

That's partial output from a VLAN on a Cisco 65xx

Good luck,
Steve
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 1

Author Comment

by:leblanc
ID: 39914172
Yes. It shows you the broadcast from the interface level. I am curious if I can get the number of broadcast for the whole vlan.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 500 total points
ID: 39914195
The SVI for the VLAN will receive all broadcasts on the VLAN.  So doing the show for the VLAN interface show all broadcasts.
0
 
LVL 1

Author Comment

by:leblanc
ID: 39914236
So if I have 2 switches each with interface vlan10. The number of broadcast will be the total of the two. Does it sound correct?
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 500 total points
ID: 39914651
No, all you need to do is look at one of them.  Rember a broadcast goes to ALL devices on that same VLAN (a.k.a layer 2 network).

Every device that is in the same layer 2 network will see ALL broadcasts.  So both of those interfaces will see all broadcasts.  There will be a slight difference in the number each of those SVI's will report, because they don't count the broadcasts they send out.

Say you have 100 PC's, and two SVI's.  If the 100 PC send out 500 broadcasts combined, SVI#1 sends out 10 and SVI #2 sends out 15, the SVI#1 will see 515 (the 500 from the PC's and the 15 from SVI#2) broadcasts  and SVI#2 will see 510  (the 500 from the PC and the 10 from SVI#1).

If you were to combine the two SVI counts, then you would be counting the 500 broadcasts from the PC's twice because each SVI would see all 500.
0
 
LVL 1

Author Comment

by:leblanc
ID: 39914975
Got it. Thx
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
BGP Local Preference 5 47
Eset Smart Securties ARP poisoning attack 3 46
Failover for DMVPN 3 30
Router speed limit 7 61
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question