Bonjour Traffic Load

  • 2
  • Question
  • Updated 2 years ago
  • (Edited)
Since we've enabled Bonjour Gateway in our Policy, our network traffic has spiked to unprecedented levels, to the point that some switches and APs are having their CPUs pegged close to 100% at all times. After doing a Wireshark Capture we confirmed this by seeing that 95-97% of our total network traffic in most buildings are Bonjour-related (mDNS). Our current Bonjour object is setup with 1 Wireless Hop only.

Has anybody experienced this high traffic load generated by Bonjour? Our campus has around 8000 wireless users connected at any given point in time, out of which, about half of them are using Apple devices. As soon as we disable Bonjour all traffic and CPUs on APs & Switches go back to normal.

Photo of Alex

Alex

  • 9 Posts
  • 0 Reply Likes

Posted 3 years ago

  • 2
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi Alex,

That's very odd. Are you observing an amplification factor (orders of magnitude!) between the source and destination broadcast domains (VLANs) for mDNS when you enable the Bonjour Gateway?

Are you sure that one ore more of APs are the origin of the traffic?

What version of HiveOS are you using?

I'd certainly be initially inclined to suspect something else as being the causal factor, some kind of loop or storm here other than the Bonjour Gateway in itself in HiveOS.

I would certainly be fascinated to see what is captured in both the source and destination broadcast domains (VLANs).

Regards,

Nick
(Edited)
Photo of Alex

Alex

  • 9 Posts
  • 0 Reply Likes
Hey Nick,

I haven't been able to check for amplification factors.

 As far as I can see form the pcap, the sources are all Apple client devices. The destination is always 224.0.0.251.

Our HM is running 6.6r1 and our APs are running the following:
- 340 (6.1r6c.1794)
- 170 (6.2r1b.1933)
- 121 (6.4r1d.2111)
- 350 (6.4r1d.2111)
- 230 (6.4r1d.2111)

Thanks Nick.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Which AP is acting as Bonjour gateway? Due to the number of clients, you would want AP230s performing this role with the stateless Bonjour gateway.

(You definitely wouldn't want to be using the stateful Bonjour gateway on an AP340 with 6.1r6.)
(Edited)
Photo of Alex

Alex

  • 9 Posts
  • 0 Reply Likes
6.5r3? I assume you're talking about all AP types?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
It certainly seems as if you have achieved something akin to a mDNS feedback loop, somehow.

I suggest therefore that you open a support case with your point of support for this to all be investigated in depth in conjunction with an understanding of your network topology after updating to HiveOS 6.5r3 and if it continues to reproduce. (Yes, for all AP types.)

In principle, you would ideally want the most CPU capable APs acting as Bonjour Gateways and could consider weighting election accordingly. That said, in this case it looks as if an unconstrained storm is taking place so this is unlikely to help or be necessary once you have updated.

AMRP synchronises to APs that are one-hop neighbours, where a client has roaming potential.

These are the neighbouring APs that are in the AP’s wireless access coverage range
and, yes, can therefore be in a different subnet.

(This is because AMRP discovery takes place via an extension to 802.11 beacon frames.)
(Edited)
Photo of Alex

Alex

  • 6 Posts
  • 0 Reply Likes
Nick, I assume the higher the number, the higher the priority? 

We'll see if we can schedule a Maintenance Window for the upgrade on the APs. Are the specific fixes on this version that should make BJGateway traffic on the APs more stable?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
I think you primarily need to investigate with a support case what the cause of the storm is. Updating to HiveOS 6.5r3 will ensure that all of your APs are on the same code base and behave consistently. I'm not expecting it to necessarily fix this. I don't think you need to concern yourself with tweaking the election process at this juncture.
Photo of Alex

Alex

  • 6 Posts
  • 0 Reply Likes
Ok Nick, thanks for the input.