
reducing broadcast traffic (router,switches)

Status
Not open for further replies.
Apr 28, 2003
Hi,

I have a network consisting of about 10 Cisco Catalyst 35xx and a Cisco 3660 router. The Catalysts have separate customers connected to each port. Each customer (maybe 75-100 total) is not part of their own subnet, but part of a /24, of which there are about maybe 10 /24s active in the network. (e.g. Customer1 may be in one /24 and Customer2 may be in another). The customer ports are seeing about 25kb/s of broadcast traffic. I'd like to reduce this traffic without having to re-ip the customer machines. How can I do this?
I'm not a Cisco guru, so any hand-holding is appreciated.
Thanks.

--Tony
 
Is this local broadcast traffic, like ARP?

gunthnp
Have you ever woken up and realized you were not alive.
 
I can think of 3 ways you can address this. Some better than others so here goes:

1. Identify a physical point of separation between customers (uplink port) and basically "black hole" all broadcast traffic coming from one customer going to another customer and vice versa. Not sure in the Cisco world but I use access-lists to do this with Extreme gear. I must say that this is a horrible idea as it is a maintenance nightmare and broadcast traffic is there for a reason; sending it to a "black hole" is a bad idea.

2. Capture and study the traffic to identify what can be changed to minimize broadcast traffic. For example, if you're a NetWare environment, using multiple Ethernet frame formats can really cause the BC traffic to spike. Select a single frame format such as 802.2 and eliminate all others (802.3, RAW, etc.). Also look for unnecessary routing protocols such as IGMP or CDP, what-have-you, that are not necessary and configure all offending equipment to not use them. This is a good idea for any environment but is labor intensive and requires tremendous knowledge to not break things.

3. You stated you did not want to re-IP all workstations, and if you're lucky and all customers have contiguous IP space, you can potentially change the mask of each of your ten /24 networks to /25 and have 20 128-node networks. This will most likely involve re-IP work as each customer is going to now be on IPs 1-126 or 128-254. I would bet money your space is not already set up this way. Splitting the networks in two does halve your broadcast traffic, however. From a security standpoint, each customer should be on their own network anyhow. Having a layer-3 boundary between customers really improves your control.

I do have a question for you, however. 25kb a second is not much on a 100mb link. Is it Kilobits (Kb) or Kilobytes (KB)? There is a difference. 25KB is 8 times larger than 25Kb. I am going to assume it's 25KB and that works out to .2% link utilization on a 100Mb (12.5MB) link. A 100Megabit link is 12.5Megabytes which is 12500Kilobytes. 25Kilobytes divided by 12500Kb = .002 or .2 percent utilization. Not much at all, which leads me to ask why you wish to reduce this.

Brian
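
Added example, not part of the original thread or any poster's code: a Python check of option 3 above, splitting one shared /24 into two /25s and reporting which existing hosts would force re-IP work. The customer names and 192.0.2.0/24 addresses are constructed sample data, and `plan_split` is a hypothetical helper.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: customer name -> host addresses in one shared /24.
# 192.0.2.0/24 is a documentation range; none of this comes from the thread.
SAMPLE_HOSTS = {
    "customer1": ["192.0.2.10", "192.0.2.11"],
    "customer2": ["192.0.2.40", "192.0.2.200"],   # hosts in both halves
    "customer3": ["192.0.2.130", "192.0.2.131"],
    "customer4": ["192.0.2.127"],                 # becomes a broadcast address
    "customer5": ["192.0.2.128", "192.0.2.150"],  # .128 becomes a network address
}

def plan_split(parent, hosts_by_customer, new_prefix=25):
    """Report which existing hosts conflict with a mask change on `parent`."""
    parent = ipaddress.ip_network(parent)
    halves = list(parent.subnets(new_prefix=new_prefix))
    placement = defaultdict(set)  # customer -> subnets its hosts land in
    unusable = []                 # (customer, address, reason)
    for customer, addrs in hosts_by_customer.items():
        for text in addrs:
            addr = ipaddress.ip_address(text)
            if addr not in parent:
                raise ValueError(f"{addr} is outside {parent}")
            subnet = next(n for n in halves if addr in n)
            placement[customer].add(subnet)
            # After the split these two addresses are no longer valid hosts.
            if addr == subnet.network_address:
                unusable.append((customer, text, f"network address of {subnet}"))
            elif addr == subnet.broadcast_address:
                unusable.append((customer, text, f"broadcast address of {subnet}"))
    # A customer whose hosts fall in more than one new subnet is no longer
    # in a single broadcast domain unless some of its hosts are renumbered.
    straddling = sorted(c for c, nets in placement.items() if len(nets) > 1)
    return {
        "subnets": [str(n) for n in halves],
        "straddling": straddling,
        "unusable": unusable,
        "needs_reip": sorted(set(straddling) | {c for c, _, _ in unusable}),
    }

if __name__ == "__main__":
    for key, value in plan_split("192.0.2.0/24", SAMPLE_HOSTS).items():
        print(key, value)
```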
 
Well, 25k/s is a lot for customers; it translates to around 8GB/month, esp. when you only get 10GB transfer per month before you have to pay extra.

 
Hmmmm... If you have customers that are sharing a network/broadcast domain and you're charging them for bandwidth usage, then they are being charged usage for each other's broadcast traffic. Your customers are getting the short end of the stick here. I know I wouldn't be happy from both a usage and security standpoint. Your original post led me to believe that customers are sharing networks; is my assessment accurate?

Brian
 
Yes, this is the problem. Obviously they shouldn't pay for that bandwidth. Yes, they're shared. No bandwidth limiting, scattered across /24s.

90% of the ARPs come from my Cisco router and a Linux router.

--Tony
 
The only thing I can think of then would be to put them all on their own subnet.

When they go to yahoo.com they will ARP for the address and your router will send back its address.

Or you can add routing in earlier in the line, like at the customer's end, but it will take layer 3 to stop it.

gunthnp
Have you ever woken up and realized you were not alive.
 
If you specifically want to control ARPing, up the aging time. Sounds to me like it's considerably more ARPing than necessary; it may be indicative of another problem. ARPs are exclusive to each /24 network so only 254 nodes need to be ARPed for. The aging time is 5 minutes in my environment, for example, so the Cisco and Linux devices ARPing heavily doesn't sound healthy to me.

Brian
 