I'm using 2 Cisco Catalyst 3850 switches (Sw1, Sw2) and 3 Cisco Nexus switches (Sw3, Sw4, Sw5) as part of my internal network, connected in the manner below (A, B, C, D, E, F represent 10G ports, i.e. A on Sw1 is connected to A on Sw3). The switches were setup by someone else, and I believe they simply used them as they are without any configuration. Basically, Sw1 and Sw2 are connected to Sw3 and Sw4, and then Sw3 and Sw4 are connected to Sw5, which is then connected to an outside network.
Sw1 Sw3 Sw5
---- -------- ----
A B A C E E F
Sw2 Sw4
---- --------
C D B D F
Currently, Sw1, Sw2 are also connected to servers and other equipment via their 1G ports. The intention is such that all servers and equipment can talk to each other and the outside network.
What I observed was every few minutes, there would be a burst of broadcast packets (e.g. DHCP Discovery, FIP, ARP, DNS) at about 60K-100K in an instant, and the source MAC addresses came from 2 different MAC addresses.
However, when I removed the connections B, D and F, I no longer see the burst. As I'm having some trouble logging into the switches via console, I'm not able to check on the configurations of the switches.
My question is, could the burst be due to my initial connection? Did connecting Sw1 and Sw2 to 2 switches somehow cause the burst?
