Network Management

Reply
Occasional Contributor II
Posts: 10
Registered: ‎12-17-2014

increased in traffic from DMZ Controller to remote controllers over GRE Tunnel

We have a large network of controllers connected via corporate network using telstra services.

We also have a controller in the DMZ for internet access of untrusted devices.

the remote controllers each have a GRE tunnel back to the DMZ controller for the untrusted users, eg guest or ipad/phone internet access.

We had an interent service provider failure at 6am, a(propably unrelated?), but at 9:30 am there was a huge increase in traffic from the DMZ controller out to the remote controllers via their respective GRE tunnels.

This resulted in some of the smaller bandwidth sites being conjested.

Is there any reason why conversation from DMZ Controller to remote controller shoud suddenly spike for 1-2 hrs, then stop.

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: increased in traffic from DMZ Controller to remote controllers over GRE Tunnel

If any of those RAP sites have wired traffic, make sure that the VLAN has bcmc-optimization enabled so that it does not forward wired broadcasts to every site.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎12-17-2014

Re: increased in traffic from DMZ Controller to remote controllers over GRE Tunnel

The remote sites all have a local controller.

It is teh traffic on the GRE tunnel from DMZ controller to the remote Contoller that spiked

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: increased in traffic from DMZ Controller to remote controllers over GRE Tunnel

It is tough to understand what could be going on without knowing everything about your topology...


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 10
Registered: ‎12-17-2014

Re: increased in traffic from DMZ Controller to remote controllers over GRE Tunnel

Theory - 

DMZ controller, connects to the internet for "untrusted user" who come in via GRE tunnels from multiple site local controllers using a corporate network.

BCMC optimization is not checked for the IP/Vlans that go over the tunnel.

If the internet connection were to go down for extended period, would this cause broadcast traffic back to all controllers over those VLANs and therefore over the tunnels, back to local servers at sites?

 

Any suggestions/comments appreciated.

 

Also, what impact would it have if I checked this box now.?

Would it impact the connectivity/network?

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: increased in traffic from DMZ Controller to remote controllers over GRE Tunnel

I honestly do not know about your network, so I cannot comment on what a single option will or will not do to it.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: