RSS
 Can A Single Packet Topple Your Topology? Bill: Including the two segments going to the router. Scott: Normally, a DLC broadcast would stop at a router that doesn't have bridging turned on. Bill: Our client's router was configured strictly for IP routing, but the router forwarded the broadcast packets anyhow. Scott: This happened because an IP broadcast was sent out on an "all stations" DLC address, which was then forwarded to every single segment by the switch, as was previously noted.
Bill: Therefore, the router picked up the broadcast on both segments coming from the switch. Scott: So, if the router sees an IP subnet 47 broadcast packet, it will drop the one it sees on subnet 47, but forward the one it sees on subnet 48 to subnet 47... Bill: ...causing the switch to see it again on segment 47, which it dutifully forwarded to all the other segments, including segment 48 and again to the router. Scott: Causing the packet to loop until the TTL reached zero. Bill: The best solution to the problem was to simply remove one of the two Ethernet segments between the router and the switch and assign the stations and servers to one of the two subnets if possible. Or assign two subnets to the remaining router-port servicing the switch. Scott: We lose the redundant segment, but there's still plenty of bandwidth to feed the T1 port on the other side of the router. Bill: Meanwhile, we wondered exactly why were there so many broadcasts in the first place. Scott: Sinc e the NT workstations were operating with Banyan Systems' VINES client software, there was no thought to check any of the default NT communications parameters when it was i nstalled. Bill: By default, an NT workstation (and Windows95, too) operates as a TCP/IP "bnode." Scott: This means that all the NetBIOS name queries, workstation announcements, browse queries and so forth, are sent out as broadcast packets. Bill: Sure enough, one of the traces we looked at was a NetBIOS query requesting a browser list that got caught in the loop. Scott: Worse, workstation announcements appeared as broadcasts every 12 minutes, thus triggering the same looping problem. Bill: Ideally, what we were hoping for was to contain Windows NT (as well as Windows95) IP-broadcasts to just one subnet. Scott: So, before you decide to flatten an IP network with switching, first consider how broadcast traffic will be handled. Bill: Especially now that Windows NT 4.0 defaults to a TTL of 128, not 32... Scott: ...which really would throw our router for a loop, effectively multiplying the broadcast storm problem fourfold. Bill and Scott can be reached at otw@pmg.com. Portions of trace files from selected columns are available via Pine Mountain Group's Home Page (www.pmg.com). |
 |
by Patricia Schnaidt FreeWire by Bill Frezza Corporate View by Brian Walsh In The Middle by Nick Gall Updated April 24, 1997 |
