cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
987
Views
0
Helpful
12
Replies

Vlans L2 Broadcast

cisco.net
Level 1
Level 1

Hello All,

Please share how to check for heavy broadcast on L-2(Vlans) network. i.e how to confirm that heavy braodcast is coming from which particular Vlan on L-2 network.

Additonally, If STP is not enabled and there is loop on the link. Is there any possibility that loop is there only due to particular Vlan i.e not just b'coz of physical scenrio.

Regards

Jimmy.

12 Replies 12

lamav
Level 8
Level 8

1.) You can use a sniffer, like Ethereal or SnifferPro to examine and analyze the traffic being sent on the vlan. After the network stabilizes and the switches CAM tables are built and the end stations have their ARP tables populated, there really shouldn't be too much broadcast traffic. Typically, DHCP and ARP requests account for most broadcast traffic on an Ethernet segment.

2.) Loops exist because of the physical topology, period. If there arent any parallel data paths for a particular vlan (assuming you are deploying per-vlan STP), you cannot have a loop. Now, there are measures taken in software to mitigate those parallel paths, such as vlan pruning, and of course the STP algorithim itself.

HTH

Victor

For POint 1) Instead of third party tools, is there any cisco IoS command to check the heavy traffic from particular Vlan.

For Point 2) Conculded that loop only creates only due to physical topology. Not by any particular Vlan.

Jimmy

1.) "show interface "

2.) So, you mean you understand it now?

Hii,

For Point (1) i suppose there is some mis-confusion now. I am not asking for how to check traffic on particular interface.

I am looking for, How to check that heavy traffic is generating from which particular vlan among the big L2 network.

Regards

Jimmy

Hello Guys,

Can anyone share the exact solution for finding origin of heavy broadcast on Vlan network.

Jimmy:

All I can recommend is that you enable ip accounting on the vlan interface. It will give you the source and destination addresses of the flows going through that interface.

http://www.ciscopress.com/articles/article.asp?p=764234

Or enable NetFlow monitoring.

http://www.cisco.com/en/US/docs/ios/12_1/switch/configuration/guide/xcdnfc.html

HTH

Please Rate All Helpful Posts

Victor

Point 1 - Ehterreal (AKA Wireshark) is a free tool (Google Wireshark) that any network professional should have and know how to use. It is relatively easy to set up and use. This is the best option for tracking traffic. Sniffer is good also, but $$$$.

Spanning Tree - Be very careful not running spanning tree on a multiple switch network. One mis-cable and your loop free topology is toast. My experience is the majority of network issues relate back to spanning tree or other layer 2 issue.

Good luck

Hi, Bruce:

Your name sounds familiar...I did some work for Calence a few years back at TWC.

Anyway, he wants a Cisco tool, not Ethereal, etc. I suggested those first, too.

Victor

@ Victor,

Thanks. accouting command is not supportin on cisco 4507 switch. I have also tryed on global config mode and also on Vlan int.

Cisco_4507(config)#int vlan 20

Cisco_4507(config-if)#ip ?

Interface IP configuration subcommands:

access-group Specify access control for packets

address Set the IP address of an interface

authentication authentication subcommands

Can there is any other solution. As i guess L2 & L3 switch will not support this commands. I want this utility for tracking broadcast from Vlan(L2) network.

Regards

Hi There,

Victor and Bruce have both given you the answer:

Use Wireshark! (Previously called Ethereal)

It is open source (and therefore free).

http://www.wireshark.org/

It's what it is for, and any networking pro worth their salt should know how to use it.

Just install it on a laptop and connect it to vlan 2.

-Start Wireshark

-Click Capture -> Options

-Choose the interface to listen on at the top.

-In the capture filter put: "ip and broadcast"

-Change the Display options as desired.

-Click start.

If you want to see ethernet broadcasts as well as IP broadcasts, change the capture filter to just "broadcast"

Nick

Thanks a ton..!!!

Surely will implement this.

regards

Thanks a ton..!!!

Surely will implement and try this. But must to mention that preferably i am looking for tool or utility from cisco only to fulfill this requirement.

regards

Review Cisco Networking for a $25 gift card