Packet Storm Protection

One of the useful features of the KarlBridge is its ability to keep broadcast and multicast storms from spreading throughout a network. Network storms are characterized by excessive numbers of broadcast or multicast packets being sent over the network, and can occur if network equipment is configured incorrectly, network software is not properly functioning, or poorly designed programs (including some network games) are used. Storms can reduce network performance and cause bridges, routers, workstations, servers and PC's to slow down or even crash.

The KarlBridge is capable of detecting and limiting storms on each interface or by Ethernet address. A network administrator can set the maximum number of broadcast or multicast packets that are permitted from a particular bridge interface every second. If that maximum number is exceeded, a storm condition is declared. Once it is determined that a storm is occurring on an interface, any additional broadcast or multicast packets received on that interface will be dropped until the storm is determined to be over. The storm is determined to be over when a one-second period elapses with no broadcast or multicast packets received on that interface.

A network administrator can also limit the number of broadcast or multicast packets allowed from a particular Ethernet address (host) every second. Once it is determined that a storm is occurring, any additional broadcast or multicast packets from that host address will be dropped until the storm is determined to be over. The storm is determined to be over when thirty seconds have passed in which the host sends less than one-half the stated threshold of broadcast or multicast packets in every one-second period.