Some old switches have a limited size to
the forwarding database (FDB) typically on old switches 1024 entries.
In the event of the forwarding database
getting full packets tend to get flooded.
For example;
Synoptics 28K had a limit of 1024(this switch
is very, very old).
Alteon ACEdirector switches have a limit
of 1024 per port + 4K max for the switch.
If this is the case on some switches you
can lower the FDB aging timer to try and keep the FDB from getting full.
Defaults are normally 5 minutes lowering
to 60 seconds should help keep the database below 1024 entries.
I would think about redesigning you
network to lower the size of the broadcast domain. I would think around a max
of 500 clients per VLAN is a rough guide.
There are some very cheap L3 switches
around at the moment.
Cheers
Giles Scott
From:
ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On
Behalf Of Carsten Holfelder
Sent: Thursday, December 09, 2004
5:27 AM
To: ethereal-users@xxxxxxxxxxxx
Subject: [Ethereal-users]
Broadcasts which shouldn't be broadcasts
I have noticed over time the network seems to slow down. So
I have installed ethereal on my computer and noticed the following.
I have got a switched network with about 1600 devices
connected to it.I noticed that I am able to sniff a lot of packets that should
have been switched - Directed Traffic. When I check the data packets I noticed
that there is a destination MAC Address in the data packet. I connected the
packet sniffer to a different section on the network and it is the same. When I
check on the switches the MAC Address is not in the ARP table. I have increased
the aging time of the arps cache and it has made no difference. My main
switches are Dell Poweredge 5324 and the rest are a mix between 3Com and
Cabletron. The switches are not even sending a broadcast packet asking for the
MAC Address of the Server or Computer. When I check the port where the server
is connected to it doesn't show the MAC Address of the server.
The main problem is with a web based application that
run a SQL server in the background. There are four IIS servers running with
microsoft NLB (Network Load Balancing) between them. Two servers are connected
in one switch and the other two in a anouther switch. The replys from the
server to the clients are directed. It is only the traffic that is going to the
servers that are being broadcast. The servers have got two nics in them. One is
for the NLB which the clients access and the other is used for a maintenance
connection.
I know that this is not about ethereal but a network
problem, but I am hoping that there is someone who knows what the problem is
and will be able to assist me to solve it.
#########################################################################################
CONFIDENTIAL
CAUTION
This message is intended only for the use of the individual or entity to which
it is addressed and may contain information that is privileged and
confidential. If the reader of this message is not the intended recipient or
the employee or agent responsible for delivering the message to the intended
recipient, you are hereby notified that any dissemination, distribution or
copying of this communication is strictly prohibited. If you have received
this communication in error, please notify us by telephone and return the
original message to the above address.
#########################################################################################
