A broadcast storm occurs when there is an overwhelming amount of broadcast and multicast traffic on a computer network. This excessive traffic can consume so many network resources that it makes the network unable to handle normal data transmission properly. Essentially, a broadcast storm can bring a network down, causing it to become extremely slow or entirely unresponsive.
The most common cause of a broadcast storm is a switching loop in the Ethernet network topology. This happens when there are multiple paths between switches. For instance, if both ends of a single Ethernet cable are connected to the same switch, broadcast traffic can circulate endlessly. Since broadcasts and multicasts are forwarded by switches to every port, the traffic keeps getting repeated, creating a loop. One critical aspect of a layer-2 network frame is that it does not have a time-to-live (TTL) value, which means the frames can circulate indefinitely in a looped network topology.
Additionally, broadcast storms can be triggered intentionally through denial-of-service (DoS) attacks. Methods such as the smurf attack or fraggle attack can be used, where an attacker sends large volumes of ICMP Echo Requests (ping traffic) to a broadcast address. These packets have a spoofed source address of the victim host. Consequently, all hosts in the network respond to the spoofed address, resulting in a flood of replies which can overwhelm the victim.
Broadcast storms are not limited to wired networks. In wireless networks, a disassociation packet spoofed with the wireless access point’s source address and sent to the broadcast address can create a similar type of denial-of-service attack.
To prevent broadcast storms, several techniques can be employed:- Link Aggregation, Spanning Tree Protocol (STP), and Shortest Path Bridging: These methods address switching loops.- Layer 3 Equipment Filtering: Routers and switches that apply advanced filtering.- Segmenting Broadcast Domains: This involves using routers or VLANs to logically divide the network.- Storm Control: Many managed switches offer broadcast storm control, which stops forwarding broadcast traffic when it exceeds a specific threshold, allowing network managers to identify and resolve root issues.
In mobile ad hoc networks (MANETs), route request (RREQ) packets are broadcast to discover new routes. However, these packets can cause broadcast storms, competing with data packets over the same channel. Reducing redundancy by inhibiting some hosts from rebroadcasting is a way to mitigate this problem.