I have a question, looking for some insight into our issue. Our DSL network is a flat layer 2 networks with approx. 1800 subscribers attached. Becasue of this, the core router, a 3745, has 28 secondary IP addresses attached to its internal interface. It is doing straight routing only, nothing else.
The issue is, we see periodic traffic storms, mostly of ICMP Destination unreachables. When packet captures are looked at in Ethereal, the source MAC is always the internal interface of the 3745. It will be a normal traffic flow, and then a huge flood of the ICMP packets. Does this sound like a problem with all the secondaries, or is there something else we should be looking for?
{ 2 comments… read them below or add one }
Interesting case! What I would like to know is what triggers this ICMP flood. What is the ethernet destination of these packets? This is likely to be the client that requests an unreachable destination.
You should look at the trace and check the traffic preceding the ICMP stream. I would expect a packet from the ethernet source of the ICMPs. When you look at the IP destination of this packet, you might learn some more about what causes this.
I am not a fan of the use of secondaries but it is not nescessarily the root cause of this behaviour.
I will go a step further than Leo and say that I do not believe that the secondary addresses are part of the problem – other than the fact that the secondary addresses are a reflection of the fact that you have a fairly large flat layer 2 network. With fairly large flat layer 2 networks traffic storms happen sometimes. And the larger the broadcast domain the more noticable the storms become
You must log in to post a comment.