Solved

ARP Broadcast Storms with HP 1910 switches

Posted on 2014-11-19
6
1,182 Views
Last Modified: 2014-11-19
Hello,

We’ve started deploying HP 1910 8 port switches to isolated areas of our network, because they are reasonably priced. Our core devices are HP 28xx series switches and Cisco 29xx series switches.

We’ve noticed that the HP 1910 units aggressively broadcast ARP requests for everything in their ARP tables. We have about 30 of the 1910’s now, and they’re responsible for 90% of our internal network traffic—2,000-4,000 packets per second of nothing but ARP requests.

It does calm down every now and then—you might get 30 seconds while nothing is transmitting, then it starts up again. Watching an individual switch’s traffic, they seem to chatter every 2-3 minutes, which roughly matches the ARP ageing default. The problem is, for an ARP table with 100 entries, it might send 20k ARP requests!

Does anyone have any ideas on how to make these calm down, or at least make them act like our Cisco and 28xx series switches, that don’t have this kind of flooding issue?
0
Comment
Question by:MarktheNerd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 30

Expert Comment

by:Predrag
ID: 40453039
That's not switch issue. That's network design problem.
a) you need to reduce number of hosts per VLAN
b) maybe there's a network loop
c) you need to set ports for host to portfast to reduce broadcast (this is optional and short term solution)
0
 

Author Comment

by:MarktheNerd
ID: 40453044
So even though only one specific switch model has the issue, it's a network design problem? Why wouldn't the other switches be displaying the same behavior, if it was a design issue?
0
 
LVL 30

Assisted Solution

by:Predrag
Predrag earned 500 total points
ID: 40453122
Switch by itself, without any reason don't produce such traffic (except broken ones - but broken is reason, isn't it?). If there is network loop that could explain that behavior. Or if ports for hosts are not in portfast mode.
First - network loop is self explanatory.
Second - every time someone turn on PC (if portfast is not issued to port) STP  start panicking  when receive TCN (topology change notification) - there's a change in network, and side effect of that is that switch reduces time for relearning MAC address in MAC address table from default 300 second to 15 seconds.
So, this can induct broadcast storms in larger network without any other design problem.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:MarktheNerd
ID: 40453300
I think the STP thing is probably on the right path. I haven't been able to figure out how to do portfast (Portfast is Cisco, this is HP, so I'm trying to find the equivalent), but if I disable STP on a given switch, the broadcasts stop immediately. I'll see if I can figure out the specific settings to keep it from happening now.
0
 
LVL 30

Accepted Solution

by:
Predrag earned 500 total points
ID: 40453313
HP paralel to portfast is edge-port, command is
Switch(config)#spanning-tree [portlist] edge-port
0
 

Author Comment

by:MarktheNerd
ID: 40453861
It's still being a bit odd, but at least we know the root cause now. Disabling STP is the Band-Aid we need until we can figure out the specific STP configuration we need. Thanks, Predrag!!!
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question