Vlans L2 Broadcast

Unanswered Question
Mar 28th, 2009

Hello All,

Please share how to check for heavy broadcast on L-2(Vlans) network. i.e how to confirm that heavy braodcast is coming from which particular Vlan on L-2 network.

Additonally, If STP is not enabled and there is loop on the link. Is there any possibility that loop is there only due to particular Vlan i.e not just b'coz of physical scenrio.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
lamav Sat, 03/28/2009 - 08:38

1.) You can use a sniffer, like Ethereal or SnifferPro to examine and analyze the traffic being sent on the vlan. After the network stabilizes and the switches CAM tables are built and the end stations have their ARP tables populated, there really shouldn't be too much broadcast traffic. Typically, DHCP and ARP requests account for most broadcast traffic on an Ethernet segment.

2.) Loops exist because of the physical topology, period. If there arent any parallel data paths for a particular vlan (assuming you are deploying per-vlan STP), you cannot have a loop. Now, there are measures taken in software to mitigate those parallel paths, such as vlan pruning, and of course the STP algorithim itself.



cisco.net Sat, 03/28/2009 - 10:47

For POint 1) Instead of third party tools, is there any cisco IoS command to check the heavy traffic from particular Vlan.

For Point 2) Conculded that loop only creates only due to physical topology. Not by any particular Vlan.


lamav Sat, 03/28/2009 - 11:37

1.) "show interface "

2.) So, you mean you understand it now?

cisco.net Sun, 03/29/2009 - 00:11


For Point (1) i suppose there is some mis-confusion now. I am not asking for how to check traffic on particular interface.

I am looking for, How to check that heavy traffic is generating from which particular vlan among the big L2 network.



cisco.net Thu, 04/16/2009 - 07:30

Hello Guys,

Can anyone share the exact solution for finding origin of heavy broadcast on Vlan network.

bs6825 Thu, 04/16/2009 - 08:37

Point 1 - Ehterreal (AKA Wireshark) is a free tool (Google Wireshark) that any network professional should have and know how to use. It is relatively easy to set up and use. This is the best option for tracking traffic. Sniffer is good also, but $$$$.

Spanning Tree - Be very careful not running spanning tree on a multiple switch network. One mis-cable and your loop free topology is toast. My experience is the majority of network issues relate back to spanning tree or other layer 2 issue.

Good luck

lamav Thu, 04/16/2009 - 09:52

Hi, Bruce:

Your name sounds familiar...I did some work for Calence a few years back at TWC.

Anyway, he wants a Cisco tool, not Ethereal, etc. I suggested those first, too.


cisco.net Tue, 04/21/2009 - 09:13

@ Victor,

Thanks. accouting command is not supportin on cisco 4507 switch. I have also tryed on global config mode and also on Vlan int.

Cisco_4507(config)#int vlan 20

Cisco_4507(config-if)#ip ?

Interface IP configuration subcommands:

access-group Specify access control for packets

address Set the IP address of an interface

authentication authentication subcommands

Can there is any other solution. As i guess L2 & L3 switch will not support this commands. I want this utility for tracking broadcast from Vlan(L2) network.


NickNac79 Wed, 04/22/2009 - 00:17

Hi There,

Victor and Bruce have both given you the answer:

Use Wireshark! (Previously called Ethereal)

It is open source (and therefore free).


It's what it is for, and any networking pro worth their salt should know how to use it.

Just install it on a laptop and connect it to vlan 2.

-Start Wireshark

-Click Capture -> Options

-Choose the interface to listen on at the top.

-In the capture filter put: "ip and broadcast"

-Change the Display options as desired.

-Click start.

If you want to see ethernet broadcasts as well as IP broadcasts, change the capture filter to just "broadcast"


cisco.net Wed, 04/22/2009 - 01:21

Thanks a ton..!!!

Surely will implement and try this. But must to mention that preferably i am looking for tool or utility from cisco only to fulfill this requirement.



This Discussion