Prevent broadcast storm?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2013 05:16 PM
Hi,
Is there any way to prevent broadcast storm at AP? I have bridge configuration in my WLANs.
Regards,
Alberto.
Is there any way to prevent broadcast storm at AP? I have bridge configuration in my WLANs.
Regards,
Alberto.
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-13-2013 11:33 AM
Hi Alberto,
On an AP we can limit broadcast storm by creating Vlan's.
All the client traffic will be then segmented, also please enable wireless client isolation.
Regards,
Kevin
On an AP we can limit broadcast storm by creating Vlan's.
All the client traffic will be then segmented, also please enable wireless client isolation.
Regards,
Kevin
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-14-2013 12:29 AM
Hi Kevin,
but this only prevent to flood broadcast between clients. Let me explain, we had this issue:
- AP started, wireless wlans deployed. (ping to management interface of the AP it was ok, milliseconds)
- Wireless clients started to connect
- After some minutes, ping to management interface raise up to 1 second.
- Packet capture at AP, we saw a lot of broadcast from a wireless client.
- Blocked client, ping in milliseconds.
So... it seems the broadcast affected the AP and I can't prevent it making vlans and isolating traffic from clients because it is communication between wireless device and AP.
but this only prevent to flood broadcast between clients. Let me explain, we had this issue:
- AP started, wireless wlans deployed. (ping to management interface of the AP it was ok, milliseconds)
- Wireless clients started to connect
- After some minutes, ping to management interface raise up to 1 second.
- Packet capture at AP, we saw a lot of broadcast from a wireless client.
- Blocked client, ping in milliseconds.
So... it seems the broadcast affected the AP and I can't prevent it making vlans and isolating traffic from clients because it is communication between wireless device and AP.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-18-2013 12:46 PM
This is more a DOS attack than a broadcast storm (latter implies more participants). There's a couple of things at work here.
Wifi is a shared media. A mis-behaving client acts, in effect, like a source of interference. So if you were pinging the AP via wireless - you may have just had a lot of latency in the radio spectrum. If you were pinging via wired. the AP may have been over-taxed "listening" to the offending client. And everyone might have slowed down due to overlong transmission by the offending client.
The ZoneDirector does offer some protective services - see the "Configuring Wireless Intrusion Prevention" chapter in the ZoneDirector User Guide
Wifi is a shared media. A mis-behaving client acts, in effect, like a source of interference. So if you were pinging the AP via wireless - you may have just had a lot of latency in the radio spectrum. If you were pinging via wired. the AP may have been over-taxed "listening" to the offending client. And everyone might have slowed down due to overlong transmission by the offending client.
The ZoneDirector does offer some protective services - see the "Configuring Wireless Intrusion Prevention" chapter in the ZoneDirector User Guide

