[80623] in North American Network Operators' Group
Two questions [controlling broadcast storms & netflow software]; seeking offlist responses
daemon@ATHENA.MIT.EDU (Drew Weaver)
Thu May 5 16:10:40 2005
Date: Thu, 5 May 2005 16:26:48 -0400
From: "Drew Weaver" <drew.weaver@thenap.com>
To: <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
This is a multi-part message in MIME format.
------_=_NextPart_001_01C551B0.C399C73A
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Hi. We've been using the same topology for our Fast Ethernet
network for awhile, it has grown quite a bit lately and we've wanted to
change it around. We've been running into some problems with broadcasts
traversing vlan boundaries and we've become a tad stumped by this.. Here
is an example of what we're doing with the network.
=20
We're using Black Diamond 6808 switches by extreme, those switches are
connected to Cisco GSR 12000 routers which then connect to the Internet
=20
On the extremes every server is connected to its own vlan, and the
upstream connection to the router Is in its own vlan. The extreme is
doing layer3 (so all of the IP addresses are routed to the switch)=20
=20
So the VLAN would look something like this..
=20
192.168.0.0/29 The Server's IP would be 192.168.0.2 The Black Diamond's
IP would be 192.168.0.1 So the server's gateway would be .1
=20
We have IP forwarding enabled on all of the VLANs so that the traffic
can go from the SERVER's VLAN to the UPSTREAM's VLAN.=20
=20
I realize that there are certain design flaws inherit here, can someone
point out a better way to design this, if you have any questions I would
be happy to answer them.
=20
Also all of the vlans are untagged in the black diamond, and there is no
vlan configuration for them whatsoever in the GSR 12000. =20
=20
The basic problem is that once in a blue moon we get problems where
something will eat up a great deal of cpu cycles in the switch and its
almost always a broadcast storm. (which is supposed to be eliminated by
private VLANs.
=20
One idea I had was to use the black diamond as a layer2 switch and then
use the GSR to do the routing, but that seems kind of round-about.
=20
Any other ideas?
=20
Also the other question I had was are there any very good either open
source or fairly affordable netflow analyzer software packages out there
right now?
=20
Thanks,
Andrew
=20
=20
=20
------_=_NextPart_001_01C551B0.C399C73A
Content-Type: text/html;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> =
Hi.
We’ve been using the same topology for our Fast Ethernet network =
for
awhile, it has grown quite a bit lately and we’ve wanted to change =
it
around. We’ve been running into some problems with broadcasts =
traversing
vlan boundaries and we’ve become a tad stumped by this.. Here is =
an
example of what we’re doing with the =
network.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>We’re using Black Diamond 6808 switches by =
extreme,
those switches are connected to Cisco GSR 12000 routers which then =
connect to
the Internet<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>On the extremes every server is connected to its own =
vlan,
and the upstream connection to the router Is in its own vlan. The =
extreme is
doing layer3 (so all of the IP addresses are routed to the switch) =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>So the VLAN would look something like =
this..<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>192.168.0.0/29 The Server’s IP would be =
192.168.0.2
The Black Diamond’s IP would be 192.168.0.1 So the server’s =
gateway
would be .1<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>We have IP forwarding enabled on all of the VLANs so =
that
the traffic can go from the SERVER’s VLAN to the UPSTREAM’s =
VLAN. <o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I realize that there are certain design flaws inherit =
here,
can someone point out a better way to design this, if you have any =
questions I
would be happy to answer them.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Also all of the vlans are untagged in the black =
diamond, and
there is no vlan configuration for them whatsoever in the GSR 12000. =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>The basic problem is that once in a blue moon we get
problems where something will eat up a great deal of cpu cycles in the =
switch
and its almost always a broadcast storm. (which is supposed to be =
eliminated by
private VLANs.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>One idea I had was to use the black diamond as a =
layer2
switch and then use the GSR to do the routing, but that seems kind of
round-about.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Any other ideas?<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Also the other question I had was are there any very =
good
either open source or fairly affordable netflow analyzer software =
packages out
there right now?<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Thanks,<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Andrew<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>
------_=_NextPart_001_01C551B0.C399C73A--
