Skip to main content

Payment Terminals Offline During Peak Hours Due to Broadcast Storm Saturation or High Bandwidth Utilization

R
Written by Rohit Yadav

Payment Terminals Offline During Peak Hours Due to Broadcast Storm Saturation or High Bandwidth Utilization

Environment: Restaurant Network (Router + Managed Switch + POS + Guest Wi-Fi + IoT Devices)

1. Purpose

This document defines the troubleshooting and remediation process for incidents where payment terminals go offline during peak business hours due to broadcast storm saturation or High Bandwidth Utilization

This is a critical business-impacting event because it affects payment processing during high revenue periods.

2. Scope

Applies to:

  • POS terminals

  • Payment processing devices

  • Managed Layer 2 switches

  • Guest Wi-Fi networks

  • IoT devices (cameras, printers, kiosks)

3. Background – How does Broadcast Storm or High Bandwidth Utilization impact the business continuity

  • A broadcast storm is a condition where an excessive number of broadcast packets floods the network, overwhelming network devices and degrading performance.

  • Broadcast storms occur when too many broadcasts, multicasts, or unknown unicast frames are generated in a short period of time in a looped environment or heavy load/ bandwidth bottleneck due to large no of users are connected.

  • Examples of broadcast traffic include ARP requests, DHCP discovery messages, unknown unicast flooding, and misclassified multicast.

  • High bandwidth utilization creates network bottlenecks and disrupts operational communication.

5. What Happens Technically

When broadcast levels spike:

  • ARP responses are delayed.

  • DHCP requests are delayed or dropped.

  • Payment terminals cannot resolve gateway MAC.

Internet browsing may still partially function because:

  • Some sessions are already established.

  • Not all VLANs equally impacted.

  • Partial packet loss tolerated by some applications.

When bandwidth utilization spike:

  • Network links become saturated.

  • Packet queues on switches/routers begin to fill.

  • Packets are delayed due to increased queuing time.

  • Packet drops occur when buffers is full.

  • Latency and jitter increase significantly.

  • Critical application traffic competes with non-critical traffic.

6. Typical Symptoms

Staff Reports

  • POS freezing during rush.

  • Payments timing out.

  • Internet seems slow but not fully down.

  • Happens during evening or peak hours.

Technical Indicators

  • High broadcast traffic counters on device interface

  • All port LEDs blinking heavily.

  • Intermittent packet loss.

  • Frequent connection and disconnections on client list

  • High bandwidth usages on portal

7. Business Impact

  • Payment processing failure during peak hours.

  • Customer delays.

  • Lost transactions.

  • Manual fallback procedures.

  • Revenue loss.

Severity Level: Critical during business hours

8. Common Root Causes

  1. Layer 2 loop (most severe).

  2. Guest Wi-Fi VLAN overloaded.

  3. IoT device flooding ARP requests.

  4. Misconfigured device generating multicast storms.

  5. Large flat network (no VLAN segmentation).

  6. High Bandwidth Utilization

9. Detailed Troubleshooting Procedure

Step 1 – Confirm Broadcast Saturation

Log into switch.

Check:

  • Broadcast packet counters

  • CPU utilization

  • Interface statistics

  • Error counters

  • Check any multiple events in PCC portal (DHCP Lease, Port UP/Down, Client association or disassociation)

Step 2 – Identify Storm Source Port

Look for:

  • Port with abnormally high broadcast output.

  • Port with excessive unknown unicast traffic.

  • Port counters increasing rapidly.

  • Port with A CRC (Cyclic Redundancy Check) counter increasing

Disconnect suspected port temporarily.

If storm stops → root cause isolated.

Step 3 – Check for Layer 2 Loop

Signs of loop:

  • MAC address flapping.

  • Same MAC appearing on multiple ports.

  • Switch logs showing topology change events.

  • STP logs or port going in block mode again & again

If loop detected:

Immediately disconnect one of redundant links.

Step 4 – Evaluate VLAN Segmentation

Check whether:

  • Guest Wi-Fi shares VLAN with POS.

  • IoT devices share broadcast domain with payment systems.

  • Guest Users are consuming high bandwidth.

Flat networks are highly vulnerable to broadcast storms.

10. Resolution Procedures

Scenario A – Layer 2 Loop

  • Disconnect redundant cable.

  • Enable STP (Spanning Tree Protocol).

  • Enable BPDU Guard on access ports.

STP prevents loops automatically.

Scenario B – High Broadcast from Guest Devices

  • Segment Guest Wi-Fi into separate VLAN.

  • Apply rate limiting via QoS

  • Enable storm control on Interface

Scenario C – IoT Device Flooding

  • Identify offending device.

  • Check for devices which are consuming more bandwidth

  • Update firmware.

  • Replace malfunctioning unit.

  • Move IoT devices to isolated VLAN.

Scenario D – No Storm Control Configured

Enable Storm Control:

  • Limit broadcast percentage per port.

  • Set threshold (e.g., 5–10%).

  • Configure automatic shutdown if exceeded.

Storm control prevents single device from overwhelming network.

Scenario E – Identify clients with High bandwidth utilization

Check PCC portal client page to identify current clients with high bandwidth utilization

  • Check and identify clients consuming excessive bandwidth

  • Identify business (POS, Hand Handles) or non-business clients (Guest users)

  • Block the non-business clients and check why if any business client consuming high bandwidth

11. Validation After Fix

Confirm:

  • Broadcast traffic normalized.

  • CPU stable under load.

  • No packet loss.

  • POS processes payments reliably.

  • No storm recurrence during next peak hour.

  • No High Bandwidth Utilization

Monitor during next rush period.

12. Preventive Measures

  • Enable STP on all switches.

  • Enable BPDU Guard.

  • Enable storm control.

  • Segment POS, Guest, and IoT VLANs.

  • Regularly audit for cable loops.

  • Use managed switches (not unmanaged switches/hubs).

  • Avoid daisy-chaining small switches.

  • Apply QoS to avoid High bandwidth utilization

Did this answer your question?