In computer networking, most network traffic is simply request and response. This involves two distinctly addressed devices communicating over the network. While some intermediary devices, such as routers and switches, need to check destination addresses to route the traffic correctly, they’re not that involved. This type of traffic going from one point to another is called unicast.
There are several situations, however, in which doing this would not be efficient. Some network protocols need to – or have functionality that can – communicate with every device in the network. While it would be possible to communicate with each device on the network individually, this would potentially require many messages in large networks and would be inefficient. Instead, the sending device can deliberately configure the packet to be broadcast to the network.
How Does a Broadcast Work?
When a network is configured, it is designed with an IP address range consisting of an IP address and a subnet mask. The IP address typically defines the start of the addresses that can be used. For example, a LAN, or Local Area Network, may be configured with IP addresses like this: 10.0.0.1, or this: 192.168.0.1. The subnet mask is part of the CIDR or Classless Inter-Domain Routing system. It defines the size of the network, assuming that the indicated IP is within that range. For example, a /24 CIDR range represents the subnet mask 255.255.255.0, which means that the last octet in the IP address can be used to define hosts.
Given that each octet supports numbers between 0 and 255 (inclusive), you might be forgiven for assuming that that means that you can have 256 unique devices in the network. That number is only 254. In any network, two addresses are reserved, the first and the last. The first, in this case, 0, is considered the network address and can’t be used by any devices. The second, in this case, 255, is regarded as the broadcast address.
Helpfully, creating a broadcast message is that simple. All you need to do is address it to the broadcast address of your network. All devices with networking capabilities are designed to understand that this means that every device should receive the traffic. For end-user devices, this means they need to receive the message, even if it doesn’t contain their address. For routing devices, it means that they need to forward the message to every device on the network.
Limitations of Broadcast
One of the things to note here is that it’s only possible to broadcast within a network segment. Each network forms what’s known as a broadcast domain. Broadcast traffic will only be broadcast within the appropriate network. Within that network, the router can identify that the broadcast is meant for that network and forwards it to each device, but also knows that it doesn’t need to send it out of the network.
It’s generally not possible to send a message to another network’s broadcast address. In this case, the router responsible for the network would normally drop the traffic, identifying it as illegitimate. Other networks used to reach that one would not be affected as they could not tell from the destination IP address if the message was aimed at a broadcast address. There is no broadcast address for the internet in general.
Potential Issues with Broadcast
As with so many things in computing, the ability to send broadcast messages can be abused intentionally or accidentally, generally resulting in Denial of Service or DoS conditions. One example is the Smurf attack. This involves sending a ping packet to the network’s broadcast address while simultaneously spoofing the source address. Devices that have been pinged are supposed to respond by pinging back. So, one device pings the entire network but points them at another. This shouldn’t be too much of an issue in a small network. Most devices should be capable of withstanding a few dozen packets. In an extensive network with thousands of devices, this can cause issues, especially if sustained.
A similar issue is the broadcast storm. One specific example is the ARP storm. ARP is intended to let devices on the network know the MAC address of other devices via broadcasts. A network switch is designed to forward any broadcast traffic seen to all other connected devices. If you have a loop connecting two switches, you suddenly get a problem.
The broadcast packet gets infinitely looped, and each time the switch sees it, it broadcasts it to every connected device again. This can produce so much network traffic that it consumes all the bandwidth briefly. This generally involves so much traffic to connected computers that they also run slow. It also makes it hard to resolve remotely, as the network used to connect is overwhelmed.
The solution to broadcast storms is to avoid loops and use STP, Spanning Tree Protocol, which specifically disables these loops. Once an ARP storm or other broadcast storm has started, the primary way to stop it is to unplug the network cables causing the loop.
A broadcast is one-to-many network communication. It involves configuring the destination IP address to be the network’s broadcast address. All devices on the network then receive the traffic. Broadcasting allows any device on the network to see the traffic and shouldn’t be used for sensitive, private information. The effects of broadcast traffic are minimal in small networks. More extensive networks, however, are affected more.
The larger number of devices raises the performance impact. There is some potential Denial of Service issues with broadcasting. Most modern devices generally offer functionality to prevent these issue classes. These protections may not be enabled by default, though.
Did this help? Let us know!