Routers handing out IP addresses...

Hi all,
It comes and goes, but right now it seems to be spreading. A few routers on the network are handing out IP addresses to our customers. I have been reading, and from what I understand I want to enable the IPv4 multicast filter on all SMs to block those routers from handing out IP addresses to our customers. Would that be correct?

Thanks
H

We check IPv4 Multicast, BootP Server and PPPoE on all SMs to help combat this issue.

OK, cool.
Thanks for the speedy reply.
We use a DHCP server that hands out IPs dynamically, will that affect it?

Nope. We use a DHCP server too and it works fine. Just make sure it's BootP CLIENT, not BootP SERVER. Client will disable requests while Server will block outgoing DHCP.

thanks SOOO MUCH!!!
I wonder how long checking 200 customers is going to take! arghhh

H

sorry vlan1 can you verify if I check bootp client or server.
#2 you say server to check
in post #4 you say client to check

thanks
H

HHill wrote:
sorry vlan1 can you verify if I check bootp client or server.
#2 you say server to check
in post #4 you say client to check

thanks
H


You will want to put a check in the Bootp Server filter to block DHCP from those routers. If you put a check in Bootp Client you will disable the SM's ability to get an IP address from your DHCP server.
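
A passive check for the problem discussed in this thread, as an added example that is not from any poster: it parses DHCP payloads and flags server-side replies (BOOTREPLY sent from UDP port 67) whose server identifier is not on an allowlist. The frames, MAC addresses and the allowlisted server 10.0.0.2 are constructed for illustration, and `build` is a hypothetical helper that only makes the sample data.

```python
DHCP_MAGIC = b"\x63\x82\x53\x63"   # RFC 2131 magic cookie at offset 236

def parse_dhcp(payload):
    """Parse a BOOTP/DHCP UDP payload; return a dict, or None if malformed."""
    if len(payload) < 240 or payload[236:240] != DHCP_MAGIC:
        return None
    info = {"op": payload[0], "yiaddr": ".".join(map(str, payload[16:20])),
            "msg_type": None, "server_id": None}
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:                   # End option
            break
        if code == 0:                     # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            return None                   # option truncated or runs past the packet
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:    # DHCP message type (2 = OFFER, 5 = ACK)
            info["msg_type"] = value[0]
        elif code == 54 and length == 4:  # server identifier
            info["server_id"] = ".".join(map(str, value))
        i += 2 + length
    return info

def find_rogue_servers(frames, authorized):
    """Map src MAC -> server id for DHCP server replies that are not allowlisted."""
    rogue = {}
    for src_mac, sport, payload in frames:  # (src_mac, udp_src_port, payload)
        msg = parse_dhcp(payload)
        # Server-side traffic is a BOOTREPLY (op 2) sent from UDP port 67.
        if msg and msg["op"] == 2 and sport == 67 and msg["server_id"] not in authorized:
            rogue[src_mac] = msg["server_id"]
    return rogue

def build(op, msg_type, yiaddr=(0, 0, 0, 0), server_id=None):  # constructed test data only
    opts = bytes([53, 1, msg_type]) + (bytes([54, 4, *server_id]) if server_id else b"")
    return (bytes([op, 1, 6, 0]) + bytes(12) + bytes(yiaddr) + bytes(216)
            + DHCP_MAGIC + opts + b"\xff")

SAMPLE_FRAMES = [  # constructed: one client request, one authorized offer, one customer router
    ("02:00:00:00:00:01", 68, build(1, 1)),
    ("02:00:00:00:00:02", 67, build(2, 2, (10, 0, 0, 50), (10, 0, 0, 2))),
    ("02:00:00:00:00:99", 67, build(2, 2, (192, 168, 1, 100), (192, 168, 1, 1))),
]
if __name__ == "__main__":
    print(find_rogue_servers(SAMPLE_FRAMES, {"10.0.0.2"}))
```

The source MAC of each flagged frame is the address to trace back through the bridging tables to the offending customer.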

Thanks wifi guy. I had PMed vlan1 for clarification and he got right back to me. Sorry for not posting earlier. Had to get everyone switched over pronto! So, for future reference, check
PPPoE
Bootp Server
IPv4 Multicast

Thanks a bunch!
H

You’ll probably also want to filter SMB.

Hey frothingdog.ca
I was thinking that. I know it has to do with Network Neighborhood, but not much more. Is it so people can’t see or share other people’s files on their computers?

Also, in my reading yesterday I kept seeing a “broadcast storm” mentioned. What is that exactly, how does it happen and what can be done about it?

Thanks
H

Broadcast storms can happen when someone has their equipment horribly misconfigured or plugs a switch into itself and there’s nothing like Spanning Tree running on the network. In the first example you could have 1000 pps of gratuitous ARP, or maybe a few hundred Windows PCs all in the same “workgroup” sending out broadcasts and trying to become master browsers for NetBIOS. The second example just loops traffic around until something blows up.

SMB stands for Server Message Block and is the underlying protocol suite for the Network Neighborhood stuff. The SMB filters should block NetBIOS/NetBEUI broadcasts, and tcp/udp ports 135, 137, 139 and 445. Enabling SM isolation and, if you have managed switches, Private VLANs (or “port protected” in Cisco world) should keep chatter down to a minimum.

If I ran into a broadcast storm these days, I’d start first by jumping onto that network with something like Wireshark, then tracing back the source MAC address through our switches and layer 2 bridging tables on the APs, and disabling that customer.

Thanks salad. For making me feel totally ignorant! :)
I can’t wait till I get properly trained!

Thanks for all your help, the network has been running very smooth!
H