目录

一、Introduction of broadcast storm：

二、The broadcast storm on the second floor production process —二层环路

三、危害：

 四、Judge whether the current in the broadcast storm on the second floor：

五、The general cause of broadcast storm on the second floor：

六、如何解决这个问题：

一、Introduction of broadcast storm：

广播风暴（broadcast storm）简单的讲是指当广播数据充斥网络无法处理,And take up a lot of网络带宽,导致正常业务不能运行,甚至彻底瘫痪,这就发生了“广播风暴”.一个数据帧Or package is transmitted to the local网段 （由广播域定义）上的每个节点就是广播;由于网络拓扑The design and the connection problem,或其他原因导致广播在网段内大量复制,传播数据帧,导致网络性能下降,甚至网络瘫痪,这就是广播风暴.

——————————————————————————————————————————————————————————

二、The broadcast storm on the second floor production process —二层环路

注：Here only talk about one direction

首先pc1发送arp请求到达sw2After the formation of a switchmac地址表

从f0/8接口学习到的mac地址）0........A,    属于 vlan  10

然后在判断Dmac,当Dmac为12个F时,And then in allvlan   10（相同VLAN）  Within the interface（除了F0/8）以及trunk链路接口泛洪    

同样sw3收到来自sw2的arp也形成一个mac地址表：

Then flood to pc3 和 sw1

！！！***注：在到达pc3以前dmac都是12个F（二层广播）

 到达sw1After the formation of a switchmac地址表

然后sw1And then the flood to givesw2,Form a switchmac地址表

！！！***注：此时Dmac都是12个F（二层广播） 

由于在 sw2 时 dmac 为12个F,So the red for sw3,然后 sw3 泛洪给 pc3 和 sw1,然后    sw1 And flooding to give sw2.....................................这样来回往复,Eventually form a broadcast storm on the second floor

 ——————————————————————————————————————————————————————————

三、危害：

The broadcast storm the harm of network is very big,将严重消耗设备资源及网络带宽,cpu利用率过高,Data transmission delay larger......最终导致网络瘫痪........

———————————————————————————————————————————————————————————— 

 四、Judge whether the current in the broadcast storm on the second floor：

• ---Piece area on the Internet is very slow or offline
• ---Room observation device interface state lamp,Normal interface state is light green,Are all yellow may broadcast storm
• ---If you can log in network equipment,The current network equipmentCPU利用率在80%--100%左右
• ---交换机MACAddress table appearedMACAddress offset phenomenon（一个MACAddress at the same time I study the exchange of two different interfaces to） 
• 1、Special card piece area to get to the Internet(延迟时间100-300ms） PC通过consoleLine login to switch,Found in a command line mode switchCPUUtilization of special 高（95%-100%）（不严重的情况下）
• 2、查看MAC地址表,出现了MACThe phenomenon of address offset（一个相同的 MACAddress in different interface learn）（Second loop andmacAddress spoofing and red）如图：

• 3、查看 0/8 和 0/1The rate of the interface statistics,From the device to boot now,Interface received how many 广播包,一分钟,Look at this interface has received many broadcast packets,See how much one minute increase radio 包,Hundreds of thousands of words must be produced a broadcast storm on the second floor 
• 4、View room switch interface state lamp,Under normal circumstances is green and flashing on a regular basis（The flow in the 输）,If one of the interfaces is yellow and fast scintillation,很难判断 But if it is all the interface is yellow and fast scintillation,Basically can determine the broadcast storm on the second floor

—————————————————————————————————————————————————————————— 

五、The general cause of broadcast storm on the second floor：

• 1、Form the second loop
• 2、黑客恶意攻击（macAddress flooding and deceit attack）
• 3、病毒攻击

—————————————————————————————————————————————————————————— 

六、如何解决这个问题：

• 1、生成树. Cisco and huawei switch the default opens the spanning tree,But other manufacturers spanning tree may not open STP和RSTP所有 的vlan Run a spanning tree PVSTP是思科私有的,一个vlanRun a spanning tree MSTP是1-49Run a spanning tree,50-99Running another spanning tree 所以,Need to see switches also not run spanning tree 同时,There will be running mode and other switchesSTPModel mismatch problem
• 2、Violence drawn wire.Login difficulties,Rough way,拔线 Unplug a switch power supply cord,By looking at the other switchesMAC地址表,Find cause second ring The interface of the road
• 3、创建vlan隔离广播域

• 注：macAddress table default aging time as300s

      arpCache table default aging time as20min , On the layer 3 switches through the command show ip  arp  ,查看        arp缓存表.在pc上可以通过 cmd---> arp -a , 查看：