
Broadcast storm

Although computer networks and network devices are very intelligent and efficient, networks and network devices sometimes fail to provide 100% efficiency. The broadcast storm is one of the major deficiencies in computer network systems.
Hi all,


I am trying to understand the principle of a broadcast storm. I found this piece in technophobia which is of interest to me because it might lead me to understanding a similar problem. However, I don't seem to be able to follow the logic.


"For example, let's suppose there is a small LAN network consisting of three switches (Switch A, Switch B and Switch C), and three network segments (Segment A, Segment B and Segment C). Two nodes are attached within this network. Node A is attached to Segment B, while Node B is directly attached to Switch A. Now, if Node B wants to transmit a data packet to Node A, then traffic will be broadcast from Switch A over to Segment C; if this fails, then Switch A will also broadcast traffic over Segment A. Because Node A neither attaches to Segment C, nor Segment A, these switches would further create a flood to Segment B. If neither device/switch has learned the Node A address, then traffic will be sent back to Switch A. Hence, all devices/switches will keep sending and resending the traffic, eventually resulting in a flood loop or broadcast loop. The final result is that the network will melt down, causing failure in all network links, which is referred to as a broadcast storm."

I should be grateful if someone could explain it to me with a diagram or sketch so I can better understand it. Also, if anyone would like to share any thoughts on this type of problem I would appreciate it.
0
Asked by: PipMic

1 Solution

Joseph O'Loughlin Commented:
There's a nice explanation here
http://info.copperriverit.com/CopperRiverITblog/bid/56143/A-Perfect-Storm-Layer-2-Broadcast-Storm

Layer 1 is the electrical connection.  For this analogy think of it as the air, the medium over which sound travels.
A layer 1 switch is called a hub.  On a lily pad a frog croaks.  The sound traverses the pond.

Layer 2 switches are not simple electrical connections.  Other frogs hear the first frog, and to compete for mates, start croaking.  Each device has a MAC address, or a special address is used to mean broadcast.  The switch looks at the source and destination MAC addresses of the packets it receives, and does two things.  It builds a table of port and MAC addresses from the source addresses, and it forwards traffic out the port associated with the destination address.  If it doesn't know the address, it forwards the traffic out all ports, except the one the packet was received on.  This paragraph describes a dumb or unmanaged switch.

Broadcast storms occur when there is a loop in the network, when two or more switches have not learned the destination address, and a packet cycling between two switches causes ceaseless broadcasts to the other ports.  To avoid this the switch needs to support spanning tree, a mechanism by which the switches effectively learn the configuration of the network.  It is the equivalent of one frog telling the other to shut up, listen to what I'm saying, and forward this message on, and if you can't hear me, the message will be relayed out this alternate port.  Each port when it initialises stays quiet for a moment waiting to see if it receives a packet from its neighbour to learn whether it's a switch, and whether its number in the spanning tree hierarchy is lower or higher.  If two or more ports on one switch realise they are connected to the same neighbour, all but one port is shut down to remove loops from the network.

Think of a broadcast storm as a cacophony of frogs croaking.  When there are no loops in the network, and the switches have each populated their MAC address tables, packets flow smoothly from starting point to destination point; it is a harmonious frog chorus.

This silent pause on the initial connection can interfere with the auto-negotiation of speed and duplex by PCs, printers, and other edge-node devices.  It is common for the fallback to be half duplex, and like pulling in on a one lane road to let traffic coming the other way by, it is common that UDP network packets get dropped.  Unfortunately Microsoft's network protocols often assume a reliable network over UDP, causing problems, lessened as CIFS becomes more universal with each Windows version.

It's common to find small switches under office desk clusters that don't support spanning-tree, meaning ad-hoc reconfigurations can bring network segments down.  The extent of a broadcast storm is between all the L2 devices, but an L3 device like a router doesn't pass the broadcast on.  (Layer 3 broadcasts are a separate thing).

A managed layer 2 switch has an IP address or serial port to allow it to be configured.  Virtual networks can be configured by putting ports into one or more VLANs, with or without tagging the traversing traffic.  In terms of auto-MDIX and auto-negotiation, on a managed switch you can, knowing that PCs etc. are connected as distinct from switches, enable portfast or edgeport to disable spanning tree on a given port.

Spanning tree happens in human time: you can see the behaviour of the flashing lights on the ports (no standard, varies between manufacturer) and can see the rapidly blinking lights on the switches characteristic of a broadcast storm.  As most sites are multi-vendor, you can see why the network administrators are keen that the cabling cabinets are lockable and locked, hopefully with a network diagram stored inside.  This will show that HR are on VLAN 12, the general use PCs are on VLAN 4, the servers are on VLAN 20, the internet router's on VLAN 24 etc., and where the cabling cabinets are, whether there are Power over Internet devices (e.g. Wireless Access points, security cameras, door entry systems).

It is also common to use a managed switch behind a server hosting virtual machines to map virtual network ports to physical ports.  The server has several VLANs on its physical network card, with different individual ports on the external switch and internal virtual switches or virtual network cards on virtual machines using a given VLAN.  Then to multiply the number of ports, on a given virtual machine (e.g. the firewall) plugging unmanaged switches into managed switch ports, rather than putting multiple managed switch ports onto the same VLAN.

Cabling can quickly become a rat's nest, so new offices are often flood wired with colour coded cabling to minimise retrofitting.

Because of cloud computing and its continuity requirements an area in demand is software configured networks.
0
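
The flood-and-loop behaviour described in the answer above, as an added example that is not part of the original thread: a small Python simulation of learning switches that flood a broadcast frame out of every port except the ingress port. Switch names A, B and C follow the quoted example; the host MAC address, the four-switch mesh (which goes beyond the three-switch case) and the `simulate` function are constructed for illustration, and the "tree" topology stands for the triangle after spanning tree has blocked the B-C link.

```python
HOST_MAC = "02:00:00:00:00:0b"   # constructed address for Node B

def simulate(links, src_switch, src_mac=HOST_MAC, max_hops=8):
    """Flood one broadcast frame sent by a host attached to src_switch.

    Returns (frames forwarded at each hop, per-switch count of how often
    src_mac moved to a different port in that switch's MAC table)."""
    neighbours = {src_switch: set()}
    for a, b in links:
        neighbours.setdefault(a, set()).add(b)
        neighbours.setdefault(b, set()).add(a)
    mac_table = {sw: {} for sw in neighbours}    # switch -> {mac: port}
    moves = {sw: 0 for sw in neighbours}
    # A frame in flight is (receiving switch, ingress port). An inter-switch
    # port is named after the neighbour it leads to; the edge port is "host".
    in_flight = [(src_switch, "host")]
    per_hop = []
    for _ in range(max_hops):
        forwarded = []
        for sw, ingress in in_flight:
            table = mac_table[sw]
            if table.get(src_mac, ingress) != ingress:
                moves[sw] += 1                   # same MAC now seen on another port
            table[src_mac] = ingress             # learn from the source address
            # The broadcast address is never a source, so it is never learned:
            # the frame goes out of every port except the one it arrived on.
            forwarded += [(nbr, sw) for nbr in sorted(neighbours[sw])
                          if nbr != ingress]
        if not forwarded:
            break                                # frame has left the network
        per_hop.append(len(forwarded))
        in_flight = forwarded
    return per_hop, moves

TRIANGLE = [("A", "B"), ("B", "C"), ("A", "C")]            # loop, no spanning tree
TREE = [("A", "B"), ("A", "C")]                            # B-C link blocked
MESH4 = [(x, y) for x in "ABCD" for y in "ABCD" if x < y]  # four switches, all linked

if __name__ == "__main__":
    for name, links in (("triangle", TRIANGLE), ("tree", TREE), ("mesh4", MESH4)):
        print(name, *simulate(links, "A"))
```

In the triangle two copies of the frame circulate for as long as the simulation runs and every switch keeps relearning the host's MAC on a different port, which is the table flapping a managed switch will typically log during a storm; in the mesh the copies double at each hop.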
 
PipMic (Author) Commented:
Apologies for the delay in replying
0
