Subnetting to limit broadcast traffic


Recommended Posts

The switch, if you looked up the model based on the screen shot he provided on page one, is poe.

My bad. When I read it, I read it as the TS not TPS. We did a similar exercise a few years ago. Separated the 2 and it made managing the network a lot easier.

Link to comment
Share on other sites

I would strongly suggest running other cables for your voice, it really makes things easier. Logistically, management wise, and speed wise.

Take your phone and play with the vlan tagging and untagging with that.

Link to comment
Share on other sites

Why do you think broadcast traffic is what is causing your issues? There are ways to turn off some of the nonsense broadcasting that might be going on if that is the case.

I would run a sniff on your pc during the day, busy part of the day.. Let it run for say 30 minutes. Then look at it and see what portion of the traffic is broadcast.. I would assume that switch has the ability to do IGMP snooping - which can lower the amount of multicast traffic to your devices as well.

I doubt your using SSDP, so that could be turned off.. A sampling of the type of broadcast traffic your seeing, and I am sure you could reduce the amount of it quite a bit!! With some changes in your OS settings, disable services.

Off the top I would think by default all your PCs are able to be browser - when there is NO point to that, so they are sending out that traffic I bet - so simple disable of computer browser service on all your PCs other than your servers you would want to be master browser would reduce broadcast.

Grab wireshark (free) log some traffic for period of time - and then lets look at the type and amount of broadcast traffic your seeing and we can see what we can do to reduce it.

example:

I grabbed only a few seconds of traffic on this work network (which I do NOT MANAGE BTW - my box just sits on this network) There is a bunch of clean up I would do, and things I would do WAY DIFFERENT!!

But as you can see - only a few seconds and quite a bit of nonsense that could be removed. Got users running dropbox with lan sync enabled - maybe they are syncing with other workers? Doubt it - notice the browser looking for web URLS - thats because they browsers are not correctly setup not too, and they query dns and it dies not respond because only the proxy here can do outside dns queries. Notice the machines announcing they can be browser, pointless for them to do that. See the multicast SSDP traffic - again pointless on a work network! We sure an the hell are not using any UPnP stuff...

Dhcp is about the only thing on there that should be seen ;) And you could reduce the amount of that depending on your lease time, etc.

post-14624-0-16134200-1364850764.jpg

And that was only a couple of seconds and pointed out stuff that could be done to reduce broadcast/multicast traffic. So lets see yours.. Run it for longer or just start with a few seconds and we can point out stuff I am sure.

Post up the statistics breakdown, etc. You looking to reduce nonsense traffic - are you using IPv6? Bet you all your boxes have all that stuff enabled sending out noise for something you have no use of, etc.

I find it unlikely that broadcast/multicast is killing your network - but sure its possible you got some storms going on?? We can clean up the stuff that does not need to be there for sure, prob won't make much impact on your performance overall - but its good house keeping regardless of any performance impact.

and just if your curious, no none of that is from my box

IP Address. . . . . . . . . . . . : 10.56.41.184

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.56.41.1

Link to comment
Share on other sites

Well I don't see much noise there other than a few people running lan sync on their dropbox - do they sync to each other? If not I would have them turn off lan sync option. See couple of hosts doing browser announcements, you can clean that up via disable of computer browser service on all but the servers or pcs that are going to be your master browser for MS network browsing.

Looks like that is about 30 seconds or so from time stamp of your first pic to your last, if that is all your seeing its not much broadcast or multicast.

So I am not sure why you think broadcast traffic is causing your network issues?

edit: looks like your 1.176 in those sniffs - looks like your running dropbox lan sync as well ;)

Link to comment
Share on other sites

If you are not using dropbox on your lan you may want to disable the lan sync portion of it. That will shut down that broadcast chatter.

Link to comment
Share on other sites

1.2.3.9 ?? That is out of place - you got some sort of misconfiguration there for sure. 1.2.3.9 is a APNIC range that is for research under the debogon project? Pretty sure you should not be seeing traffic from that IP on same wire as your 192.168 network ;)

You should only ever see traffic from IPs in the same range on the same wire - if your seeing other networks on the same wire your setup wrong! ;) You should not run more than one address scheme on the same wire.

Link to comment
Share on other sites

lol, ya I am 176. =)

I actually am not seeing much broadcast I suppose other then from me. I guess really maybe just fixing the subnet so I can have more IP's is really the only thing left I need to adjust.

When you subnet, let's say I do have broadcast issues... I assume since 192.168.1.*, and 192.168.2.*, etc. are on the same subnet so therefore that would not fix that issue if it was broadcast, am I understanding that part? However if I had one on a subnet of 255.255.255.0, and the others on 255.255.252.0 they would ease broadcast traffic if that was the issue? And of course a router in between so they could talk to each other correct?. Just so I understand is all, maybe its not the broadcast. I might look back into the switch about VLan and separate the phones somehow at least.

Link to comment
Share on other sites

255.255.255 or /24 and 255.255.252 or /22 are not really subnets those are you masks.

so for example 192.168.3.0/24 is a subnet of 192.168.0.0/22

If you wanted to use the /22 space, then you could subnet that down to 4 /24's

192.168.0.0/24

192.168.1.0/24

192.168.2.0/24

192.168.3.0/24

If all your looking to do is get more address space - then you could change your current 192.168.1.0/24 to /23 and then you could use addresses of 192.168.0.1 to 192.168.1.254 were 0.0 would be wire and 1.255 would be broadcast.

I would look into that 1.2.3.9 thing though.. And sure looks like from your screen shot your switch has voice vlan support so you could put your phones on their own vlan different than your PCs and other devices.

This would limit your broadcasts to devices on the same vlan. But not really seeing that much broadcast there -- if your saying your having issues with the network maybe get a sniff while the issue(s) happen - maybe you are seeing a broadcast storm during that period?

But even a /23 should not cause you much issue with broadcast unless you have some really really chatty broadcast applications running.. I didn't see any real noise there like you saw in mine where browsers were broadcasting for espn.com, etc. ;) The dropbox stuff could be removed real easy - unless your using it for local sync between machines? Then your going to want to keep that on, if not turn it off - its a pretty chatty broadcaster.

And just for general tidiness I would disable PCs from being able to be master browsers - it can cause trouble with the browselist if you have machines that can be the browser and enter and leave the network often, they end up thinking they are the browse master and causing an election - it can mess with your browselist being up to date, etc. You really should turn that off on all but machines that are on your network 24/7 -- normally I would suggest you turn it off on all PCs!! And even on servers other than your DC(s) could turn it off as well. You only need 1 box on your network to maintain the browse list - and the DC should win the election anyway - so there is no real reason for other boxes to even participate in the process.

As to other broadcasters - I saw a few other ips running dropbox other than yours. And curious what that 1.2.3.9 thing is ;) Let me look up the mac if listed in your screenshot.

Link to comment
Share on other sites

HDMI cables for stacking has been around for a little while, but its not that uncommon now. We have several Dell switches here which use HDMI for stacking.

The biggest problem is making sure you have a good enough quality cable otherwise you can experience all kinds of funkiness like really poor data rates :(

If you have Cisco Switches the good news is that a lot of polycom phones support CDP so that would make putting things in to the correct VLANS a bit easier.

Also this document might provide some information - http://supportdocs.polycom.com/PolycomService/support/global/documents/support/setup_maintenance/products/voice/soundpoint_ip_soundstation_ip_administrators_guide_v2_2.pdf

There is a section on using DHCP to set VLAN membership

If you are using Netgear and that image above is one of your switches you can clearly see a section for setting a voice VLAN and another for VLAN so it would be a case of setting the Voice VLAN and the data VLAN and then setting the correct VLANS on the phones.

At the end of the day I think you are going to need to set up a test network with your equipment to play around with and test as you appear to be a bit unsure and I would not recommend proceeding blindly

Link to comment
Share on other sites

well you don't have that 1.2.3.9 thing highlighted so can not see what mac it has to look up the maker of the nic, but its running dropbox ;) curious!

I agree with teebor, if possible setup a lab to play with! Do you have an extra switch you can use?

edit: Also can be very useful to have a span port setup as sc302 mentioned, most likely is at gateway of your network (port connect to your router) is good spot. This can give you an idea of what is leaving your network, users doing stuff maybe they shouldn't be doing - eating up your internet bandwidth, etc. Good place to spot unwanted applications on your network, you could setup a box running ntop or something to give you a breakdown of protocols in use, top talkers, etc.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.