
Author Topic: One for you guys to solve? Internet caused broadcast storm?  (Read 1727 times)

aesmith

  • Kitizen
  • ****
  • Posts: 1156
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #15 on: January 02, 2022, 04:43:29 PM »

Modern spanning tree algorithms are miles better than the original, really nothing to be worried about.  If available look for Rapid Spanning Tree, or Multiple Spanning Tree if you have lots of VLANs.  They still give the LAN a little thump if you do something gross like change the STP root, but nothing like the old 90 seconds or so it used to take.

Which reminds me, if you have a non-trivial LAN it's worth hard coding the STP root, defaults won't necessarily put it in a sensible place.

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 4103
    • Thinkbroadband Quality Monitors
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #16 on: January 02, 2022, 05:21:40 PM »

Prior to STP existing you should never EVER create a loop, and even with it, unless you've deliberately done it for redundancy (if one link goes down it will switch to the other), it shouldn't be happening and I'd want to know why and where it's occurring.

Ethernet was designed to only have a single path to reach each MAC address on the network.
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Celeron N5105) + CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
My Broadband History & Ping Quality Monitors

Reformed

  • Reg Member
  • ***
  • Posts: 318
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #17 on: January 02, 2022, 11:07:02 PM »

Chrysalis - I'm not sure about OpenWRT, sorry. There's only one place where a loop could be happening as you mentioned, your call if you want to invest the time in finding the exact cause.

Quote from: aesmith
> Which reminds me, if you have a non-trivial LAN it's worth hard coding the STP root, defaults won't necessarily put it in a sensible place.

Truth. If you don't set priority to ensure the switch you want becomes root, whatever has a port with the lowest MAC address wins. If there are only a pair of switches involved, not an issue.

Quote from: Alex Atkin UK
> Ethernet was designed to only have a single path to reach each MAC address on the network.

It was also designed originally to have all devices in a single broadcast domain sharing the same bus cable so no need to worry too much about the original design of Ethernet.
« Last Edit: January 02, 2022, 11:17:22 PM by Reformed »

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 4103
    • Thinkbroadband Quality Monitors
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #18 on: January 03, 2022, 10:00:21 AM »

Quote from: Reformed
> It was also designed originally to have all devices in a single broadcast domain sharing the same bus cable so no need to worry too much about the original design of Ethernet.

I still say if there's a loop and you didn't deliberately create it, you've done something fundamentally wrong that may have other unforeseen consequences.

Remember a bridge on OpenWRT is software driven, a glitch in the configuration could cause unnecessary CPU overhead.  STP probably solves it, but if you don't know how it started in the first place, how can you be sure?

Reformed

  • Reg Member
  • ***
  • Posts: 318
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #19 on: January 03, 2022, 12:47:45 PM »

I would be sure by replacing the software switch with a £13.99 piece of hardware. ;)

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 4103
    • Thinkbroadband Quality Monitors
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #20 on: January 03, 2022, 10:52:31 PM »

Quote from: Reformed
> I would be sure by replacing the software switch with a £13.99 piece of hardware. ;)

Nah, my Torrent box has 8 ethernet ports and they're all bridged so it doubles as a switch with a 5Gbit USB uplink (3.6Gbit due to USB limitation).  Even my NAS has its 10Gbit NIC bridged to the on-board Gigabit ports so my Topaz AI Upscaler box plugs straight into the server.  I'd prefer a 16 port switch instead of 10 there, but that doesn't seem to be an option for multi-Gigabit switches right now and going full 10Gbit with PoE+ would cost a fortune.

All WiFi Access Points and Virtual Machines are inherently software switches.

Reformed

  • Reg Member
  • ***
  • Posts: 318
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #21 on: January 04, 2022, 12:09:26 AM »

Hypervisors certainly have virtual switches in them for good reason. Not sure if relevant to connecting networks unless using VNFs, which I do routinely. Very basic configuration is good for those.

Think for most folks a £20 8 port switch is probably a more viable option than a dodgy downloads box with 8 bridged Ethernet ports. For those needing VLANs, RSTP, etc, 8 ports for £40.

Software bridging that comes attached to other hardware is a slightly different thing from something running OpenWRT. WiFi access points depending how complex they are can function as routers and switches. The switches and APs I work with on the daily are pretty smart.

The switches https://www.arubanetworks.com/resource/aruba-cx-10000-with-pensando-at-a-glance/ and APs https://www.arubanetworks.com/products/wireless/access-points/ are very clever, and no need to worry about internal bridges in the AP equipment looping, it can't, it's an access node - it sends to RF or an Ethernet port. Loop creation possible only with work to create one and external intervention.

The switches are hardware switching planes with a bunch of intelligence on top. They will not loop on their internal bridges, STP prevents them contributing to external loops.

My own NAS has 4 ports. 3 of them are in an Etherchannel, one is in a DMZ, both routed ports, no bridging required.

The three go to a switch, the DMZ goes to a router. Will build a bridge on there, on the switching hardware, for port density.

This is just how I work. I try and keep as much as I can modular and don't use excess ports on other kit for network functions beyond VNF.

Current switches in use at home are 3 or 4 basic 8 port smart switches, 3 4 SFP+, 1G, with 10G out of each and those serving 8 port GE a 10G port in, a 2 Gb Etherchannel to the switch. 3 core 8 SFP+, 1G ports aggregating the above resiliently and linked themselves in a ring, and a 2 SFP+, 24 GE switch that actually does quite a bit of work and is also in the core ring.

To get to my router from the modem is a 3 switch journey. Router to WiFi AP 3 switches then across an Etherchannel to the AP.

To get to the second AP is a mere one switch journey.

Currently 7 VLANs on there with more to come.

Produces a somewhat convoluted path but works well. I like to keep things as modular as possible. Just my personal preference and despite high device count makes it simple to isolate any routing or switching loop.

APs are on edge ports, only a single Ethernet port active on each. All switches in my snowflake run RSTP if dual uplinked.

Maybe my methods are out of touch. @aesmith?

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 4103
    • Thinkbroadband Quality Monitors
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #22 on: January 04, 2022, 06:00:15 AM »

I'm not suggesting it's something you should routinely do where a hardware switch is an easier option.

The reason I use bridging so much is, why have another device plugged in when you don't have to?  Plus a software bridge is smarter than an unmanaged switch.

I have no spare outlets nor space to put a second switch where the NAS is and as I mentioned, upgrading from a 10 port multi-gig switch is not even an option, as far as I can tell they don't exist so you have to go up to 10Gbit and with PoE+ functionality we're talking thousands of pounds and likely a lot more noisy than my existing one.  Power could be handled by a PoE powered switch, but actual physical space is a trickier one.

The torrent box also has no spare outlet, it has my Mac Mini and Litebeam plugged into it.  Though I do plan to run the Litebeam to the main switch as I bought a PoE converter for it.  The downsides to software bridging are basically zero, when that box is always on and never has its CPU maxed out.

As for OpenWRT, there's the Home Hub 5A where the LAN is bridged to a VLAN so it's a single-cable solution.

The pfSense box also operates a bridge, I have both a bonded LAN connection and my VoIP box plugged into it.  That was a little nerve racking seeing as you lose access to the GUI if you do it wrong and I'm not familiar with FreeBSD nor the awful single-file XML configuration of pfSense, in order to fix it, but got there in the end.

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 6921
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #23 on: January 07, 2022, 03:45:15 PM »

Quote from: Alex Atkin UK
> I still say if there's a loop and you didn't deliberately create it, you've done something fundamentally wrong that may have other unforeseen consequences.
>
> Remember a bridge on OpenWRT is software driven, a glitch in the configuration could cause unnecessary CPU overhead.  STP probably solves it, but if you don't know how it started in the first place, how can you be sure?

It was, if I remember right, caused on my Proxmox (this was a while ago and only temporary, not related to the internet sourced storm mentioned in this thread). It has two cables connected to my LAN; usually one is disabled, however on one occasion I actually enabled both, and it looped my network.

The misunderstanding is on my part: I believed STP to make a LAN immune to loops that could exist anywhere on the network, rather than just the bridge that STP is running on.

Not that big a deal, I turned on STP and have moved on to other things now.
« Last Edit: January 07, 2022, 03:50:18 PM by Chrysalis »
AAISP - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab

Reformed

  • Reg Member
  • ***
  • Posts: 318
Re: One for you guys to solve? Internet caused broadcast storm?
« Reply #24 on: January 07, 2022, 10:32:57 PM »

STP is a per-device thing. All bridges running STP have a chat, elect a root bridge and calculate a single path to that root bridge, not sending any traffic to any others.

To have a loop free network via STP needs every switch to run STP and there to be no other devices bridging other than those switches running STP.

I don't really need it on every bridge as mine is a spine-leaf with a ring in the middle but it's there for test purposes, as in I may do things that'll cause transitory loops and I'd rather avoid that as it's a bad use of my time.
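
The root election and path calculation discussed in this thread, as an added example that is not part of any poster's reply: it elects a root by bridge ID (priority, then MAC) and shows which redundant link ends up blocked with default priorities versus a pinned root. The switch names, MAC addresses and topology are constructed, and the model is simplified (equal link cost everywhere, no timers or port roles).

```python
from collections import deque

DEFAULT_PRIORITY = 32768  # IEEE 802.1D default bridge priority

def bridge_id(priority, mac):
    """Bridge ID compares priority first, then MAC address; lower wins."""
    return (priority, int(mac.replace(":", ""), 16))

def elect_root(bridges):
    """bridges: name -> (priority, mac). Returns the name with the lowest bridge ID."""
    return min(bridges, key=lambda n: bridge_id(*bridges[n]))

def spanning_tree(bridges, links):
    """Simplified STP (assumption: every link has equal cost).
    Returns (root, forwarding_links, blocked_links)."""
    root = elect_root(bridges)
    neighbours = {n: set() for n in bridges}
    for a, b in links:
        neighbours[a].add(b)
        neighbours[b].add(a)
    # Hop count from the root stands in for root path cost.
    dist, queue = {root: 0}, deque([root])
    while queue:
        cur = queue.popleft()
        for nxt in neighbours[cur]:
            if nxt not in dist:
                dist[nxt] = dist[cur] + 1
                queue.append(nxt)
    # Each non-root bridge keeps one uplink: closest to the root,
    # ties broken by the upstream neighbour's bridge ID.
    forwarding = set()
    for n in dist:
        if n != root:
            ups = [u for u in neighbours[n] if dist[u] == dist[n] - 1]
            parent = min(ups, key=lambda u: bridge_id(*bridges[u]))
            forwarding.add(frozenset((n, parent)))
    blocked = {frozenset(l) for l in links} - forwarding
    return root, forwarding, blocked

# Constructed sample: a triangle of three switches, all at default priority.
LINKS = [("core", "edge-a"), ("core", "edge-b"), ("edge-a", "edge-b")]
DEFAULTS = {"core":   (DEFAULT_PRIORITY, "00:11:22:33:44:99"),
            "edge-a": (DEFAULT_PRIORITY, "00:11:22:33:44:01"),
            "edge-b": (DEFAULT_PRIORITY, "00:11:22:33:44:50")}
PINNED = dict(DEFAULTS, core=(4096, "00:11:22:33:44:99"))  # root hard coded

if __name__ == "__main__":
    for label, bridges in (("defaults", DEFAULTS), ("core pinned", PINNED)):
        root, _, blocked = spanning_tree(bridges, LINKS)
        print(label, "-> root:", root, "blocked:", [sorted(l) for l in blocked])
```

With defaults the lowest-MAC edge switch becomes root and the core's direct link to the other edge switch is the one blocked; pinning the core's priority moves the blocked link to the edge-to-edge cable.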