Network Management

We have a large network of controllers connected via corporate network using telstra services.

We also have a controller in the DMZ for internet access of untrusted devices.

the remote controllers each have a GRE tunnel back to the DMZ controller for the untrusted users, eg guest or ipad/phone internet access.

We had an interent service provider failure at 6am, a(propably unrelated?), but at 9:30 am there was a huge increase in traffic from the DMZ controller out to the remote controllers via their respective GRE tunnels.

This resulted in some of the smaller bandwidth sites being conjested.

Is there any reason why conversation from DMZ Controller to remote controller shoud suddenly spike for 1-2 hrs, then stop.

If any of those RAP sites have wired traffic, make sure that the VLAN has bcmc-optimization enabled so that it does not forward wired broadcasts to every site.

The remote sites all have a local controller.

It is teh traffic on the GRE tunnel from DMZ controller to the remote Contoller that spiked

It is tough to understand what could be going on without knowing everything about your topology...

Theory - 

DMZ controller, connects to the internet for "untrusted user" who come in via GRE tunnels from multiple site local controllers using a corporate network.

BCMC optimization is not checked for the IP/Vlans that go over the tunnel.

If the internet connection were to go down for extended period, would this cause broadcast traffic back to all controllers over those VLANs and therefore over the tunnels, back to local servers at sites?

 

Any suggestions/comments appreciated.

 

Also, what impact would it have if I checked this box now.?

Would it impact the connectivity/network?

I honestly do not know about your network, so I cannot comment on what a single option will or will not do to it.