VLANs, VoIP, and Vigilance: The Life of a Solo System Administrator


To address some queries raised:

I discovered that storm control settings were mistakenly set to 100% for all broadcast traffic types, likely an oversight from my earlier days. I’m currently reviewing this to determine appropriate thresholds.

All network video recorders (NVRs) and cameras are segregated within their own VLAN, with the exception of the initial device installed years ago when I was less familiar with VLANs. Our VoIP phones and guest devices are also on separate VLANs. Additionally, I’m considering establishing a dedicated VLAN for printers and copiers.

I’ve encountered an issue with one of the devices, which I plan to investigate further. Although I haven’t powered it down, I’ve isolated it by disabling its switch port and reassigning it to an inactive VLAN, yet it continues to broadcast MDNS traffic. This leads me to suspect hardware deterioration, but a reboot should clarify whether it’s a temporary glitch.

Rapid Spanning Tree Protocol (RSTP) is active on our Meraki switches, and while the problematic NVR is connected to one, I need to verify RSTP settings on other switches in our network.

I’ve corrected a minor language error, changing ‘queue’ to ‘cue.’ It’s a reminder that language learning is an ongoing process.

The consensus seems to be that while goat farming in New Zealand is acceptable, combining it with system administration duties is not. Nevertheless, I’m passionate about my role and cannot envision pursuing a different career path.

I’ve been introduced to the concepts of MLD/IGMP snooping, which I’ll explore further. IGMP snooping is enabled on our Meraki switches, but I’m uncertain about MLD. Since we haven’t fully adopted IPv6, this will be an area for future investigation.

The NVR, a HIKVision model, was found to be flooding the network with MDNS packets directed at, causing significant network disruption. The packets alternated between raop._tcp.local and airplay._tcp.local domains, indicating an issue with Apple-related services.

End of update.

Shortly after my arrival, the network began to malfunction, with RDP sessions dropping and website access becoming erratic. Curiously, VoIP services remained operational.

Initially, I suspected the recently installed Fortigate firewall, but after implementing traffic shaping measures and consulting with support, the issue persisted. It wasn’t until I conducted a packet capture that I identified the source of the problem: an old security NVR emitting a torrent of MDNS packets. Disabling its network port resolved the issue promptly.

The incident was a humbling experience, leading me to question my competence. However, my supervisor provided unwavering support, allowing me to concentrate on resolving the crisis. This ordeal has been a valuable learning opportunity, emphasizing the importance of systematic troubleshooting and leveraging available tools.

I’ve preserved a traffic graph of the NVR during the outage as a reminder to maintain focus and resilience in the face of challenges.

In summary, a network device initiated a broadcast storm, and my self-doubt delayed the resolution. Yet, it’s a lesson in the importance of self-belief and methodical problem-solving.”


In the intricate web of modern networking, system administrators stand as vigilant guardians against the unseen chaos that lurks within the binary streams of data. Recently, a seasoned sysadmin faced a perplexing conundrum that tested their mettle and technical acumen.

It began with an innocuous oversight from the past—a storm control setting erroneously configured to 100% for all broadcast traffic types. This misconfiguration lay dormant, a ticking time bomb waiting to unleash its fury. The sysadmin, now wiser and more experienced, embarked on a quest to recalibrate these thresholds to maintain network harmony.

A VLAN for Every Voice

As the network’s architect, the sysadmin had meticulously segregated devices into virtual lanes of communication. Network video recorders (NVRs) and cameras were allocated their own VLAN, a practice that excluded the very first device—a relic from a time when VLANs were a novel concept to the admin. VoIP phones echoed clearly in their dedicated VLAN, while guests roamed freely in another. The blueprint for a new VLAN dedicated to printers and copiers was being drafted, a testament to the sysadmin’s foresight.

The Rogue Device

Amidst this well-ordered digital ecosystem, one device rebelled. Despite being isolated to an inactive VLAN, it persisted in broadcasting MDNS traffic, a beacon of defiance. The sysadmin suspected hardware deterioration, a theory to be tested with the simple act of a reboot.

The RSTP Enigma

The Rapid Spanning Tree Protocol (RSTP) stood as a silent sentinel on the Meraki switches, ensuring a loop-free topology. Yet, the sysadmin faced the uncertainty of whether this protocol extended its protective embrace to all switches within the network—a puzzle piece missing in the grand scheme.

The Linguistic Lapse

In a moment of levity, the sysadmin reflected on a minor linguistic slip—confusing ‘queue’ with ‘cue.’ It served as a humble reminder that the journey of learning never ceases, even in the minutiae of language.

The Unlikely Farmer

A whimsical consensus emerged, suggesting that while goat farming in New Zealand might be a serene pursuit, it could not coexist with the demands of system administration. This notion, however, could not sway the sysadmin’s passion for their chosen path.

The MLD/IGMP Conundrum

Introduced to the concepts of MLD/IGMP snooping, the sysadmin peered into the rabbit hole of network optimization. With IGMP snooping active and MLD yet to be explored, the admin stood on the precipice of the IPv6 frontier, ready to delve into the unknown.

The Apple of Discord

The culprit of the network’s woes was unmasked—a HIKVision NVR that had taken to flooding the network with MDNS packets. These packets, aimed at the address, alternated between domains associated with Apple services, sowing seeds of disruption.

The Firewall’s False Lead

When the network’s pulse began to falter, the sysadmin’s gaze turned to the Fortigate firewall, a recent addition to the infrastructure. Despite fine-tuning its configurations and seeking wisdom from support, the true source of the ailment eluded them.

The Revelation

It was only through the lens of a packet capture that the truth shone through. An old security NVR, in its digital senescence, had unleashed a maelstrom of MDNS packets. The swift action of disabling its network port quelled the storm, restoring tranquility to the network.

The Reflection

The ordeal served as a crucible, forging the sysadmin’s resolve and underscoring the virtue of systematic troubleshooting. It was a poignant lesson in self-belief and the power of methodical problem-solving. A traffic graph of the NVR, now a trophy of triumph, adorned the wall—a beacon of resilience for future tribulations.

In the end, the network device that had initiated the broadcast storm became a catalyst for growth, transforming self-doubt into a renewed conviction in the sysadmin’s abilities. It was a stark reminder that even in the face of adversity, one can emerge wiser, stronger, and more prepared for the challenges ahead.

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Terms Contacts About Us